Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2024 Greenbone AGOPENVAS:1361412562310832794
HistoryJan 17, 2024 - 12:00 a.m.

Oracle Java SE Security Update (jan2024) 04 - Linux

2024-01-1700:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
3
oracle java se
linux
security update
vulnerabilities
unauthorized access

3.6 Low

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.6%

JSON

Oracle Java SE is prone to multiple
vulnerabilities.

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.832794");
  script_version("2024-02-19T05:05:57+0000");
  script_cve_id("CVE-2024-20923", "CVE-2024-20925", "CVE-2024-20922");
  script_tag(name:"cvss_base", value:"2.6");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:N/I:P/A:N");
  script_tag(name:"last_modification", value:"2024-02-19 05:05:57 +0000 (Mon, 19 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2024-02-17 02:15:47 +0000 (Sat, 17 Feb 2024)");
  script_tag(name:"creation_date", value:"2024-01-17 11:19:29 +0530 (Wed, 17 Jan 2024)");
  script_name("Oracle Java SE Security Update (jan2024) 04 - Linux");

  script_tag(name:"summary", value:"Oracle Java SE is prone to multiple
  vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to multiple
  errors in the multiple components.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attacker to compromise Oracle Java SE, which can result in unauthorized update,
  insert or delete access to some of Oracle Java SE.");

  script_tag(name:"affected", value:"Oracle Java SE version 8u391 and earlier
  on Linux.");

  script_tag(name:"solution", value:"The vendor has released updates. Please
  see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version");
  script_xref(name:"URL", value:"https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("General");
  script_dependencies("gb_java_prdts_detect_lin.nasl");
  script_mandatory_keys("Oracle/Java/JDK_or_JRE/Linux/detected");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

CPE = "cpe:/a:oracle:jre";

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_in_range(version:vers, test_version:"1.8.0", test_version2:"1.8.0.391")) {
  report = report_fixed_ver(installed_version:vers, fixed_version: "Apply patch provided by the vendor", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(0);

Related

openvas 1
f5 2
nessus 9
amazon 2
osv 1
prion 3
ubuntucve 3
cve 3
debiancve 3
cvelist 3
github 1
kaspersky 1
oracle 2
openvas
openvas
Oracle Java SE Security Update (jan2024) 04 - Windows
2024-01-17 00:00:00
f5
f5
K000138462 : Oracle Java vulnerabilities CVE-2024-20922, CVE-2024-20923
2024-02-02 00:00:00
K000138850 : OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955
2024-03-07 00:00:00
nessus
nessus
Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2024-485)
2024-01-18 00:00:00
Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-007)
2024-02-06 00:00:00
Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2024-484)
2024-01-18 00:00:00
amazon
amazon
Important: java-11-amazon-corretto
2024-01-17 00:55:00
Important: java-17-amazon-corretto
2024-01-17 00:55:00
osv
osv
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
2024-02-17 03:30:29
prion
prion
Buffer overflow
2024-02-17 02:15:00
Buffer overflow
2024-01-16 22:15:00
Buffer overflow
2024-02-17 02:15:00
ubuntucve
ubuntucve
CVE-2024-20925
2024-02-17 00:00:00
CVE-2024-20922
2024-01-16 00:00:00
CVE-2024-20923
2024-02-17 00:00:00
cve
cve
CVE-2024-20923
2024-02-17 02:15:47
CVE-2024-20925
2024-02-17 02:15:47
CVE-2024-20922
2024-01-16 22:15:39
debiancve
debiancve
CVE-2024-20923
2024-02-17 02:15:47
CVE-2024-20925
2024-02-17 02:15:47
CVE-2024-20922
2024-01-16 22:15:39
cvelist
cvelist
CVE-2024-20922
2024-01-16 21:41:15
CVE-2024-20923
2024-02-17 01:50:11
CVE-2024-20925
2024-02-17 01:50:11
github
github
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
2024-02-17 03:30:29
kaspersky
kaspersky
KLA63108 Multiple vulnerabilities in Oracle Java SE and GraalVM
2024-01-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00

3.6 Low

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.6%

JSON
Related for OPENVAS:1361412562310832794
openvas1f52nessus9amazon2osv1prion3ubuntucve3cve3debiancve3cvelist3github1kaspersky1oracle2