Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623111120245672HistoryApr 23, 2024 - 12:00 a.m.
Debian: Security Advisory (DSA-5672-1)
2024-04-2300:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
10
debian
openjdk-17
security advisory
dsa-5672-1
update
vulnerability
debian 11
debian 12
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.8%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.1.1.2024.5672");
script_cve_id("CVE-2024-21011", "CVE-2024-21012", "CVE-2024-21068", "CVE-2024-21094");
script_tag(name:"creation_date", value:"2024-04-23 04:20:34 +0000 (Tue, 23 Apr 2024)");
script_version("2024-04-24T05:05:32+0000");
script_tag(name:"last_modification", value:"2024-04-24 05:05:32 +0000 (Wed, 24 Apr 2024)");
script_tag(name:"cvss_base", value:"2.6");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:N/I:P/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-04-16 22:15:29 +0000 (Tue, 16 Apr 2024)");
script_name("Debian: Security Advisory (DSA-5672-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(11|12)");
script_xref(name:"Advisory-ID", value:"DSA-5672-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2024/DSA-5672-1");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'openjdk-17' package(s) announced via the DSA-5672-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"affected", value:"'openjdk-17' package(s) on Debian 11, Debian 12.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB11") {
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-dbg", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-demo", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jdk", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jdk-headless", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre-headless", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre-zero", ver:"17.0.11+9-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "DEB12") {
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-dbg", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-demo", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jdk", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jdk-headless", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre-headless", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"openjdk-17-jre-zero", ver:"17.0.11+9-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
oraclelinux
oraclelinux
java-17-openjdk security update
2024-04-22 00:00:00
java-21-openjdk security update
2024-04-23 00:00:00
java-11-openjdk security update
2024-04-22 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-17-openjdk (SUSE-SU-2024:1499-1)
2024-05-07 00:00:00
Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-1825)
2024-04-19 00:00:00
amazon
amazon
Low: java-17-amazon-corretto
2024-04-24 22:15:00
Low: java-11-amazon-corretto
2024-04-24 22:15:00
Low: java-1.8.0-openjdk
2024-05-09 19:16:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1499-1)
2024-05-07 00:00:00
Ubuntu: Security Advisory (USN-6812-1)
2024-06-07 00:00:00
Ubuntu: Security Advisory (USN-6813-1)
2024-06-07 00:00:00
debian
debian
[SECURITY] [DSA 5672-1] openjdk-17 security update
2024-04-22 14:23:20
[SECURITY] [DSA 5671-1] openjdk-11 security update
2024-04-22 08:40:05
[SECURITY] [DLA 3793-1] openjdk-11 security update
2024-04-22 13:47:10
osv
osv
Moderate: java-17-openjdk security update
2024-04-18 00:00:00
openjdk-21 vulnerabilities
2024-06-06 01:57:21
openjdk-17 - security update
2024-04-22 00:00:00
almalinux
almalinux
Moderate: java-17-openjdk security update
2024-04-18 00:00:00
Moderate: java-21-openjdk security update
2024-04-18 00:00:00
Moderate: java-11-openjdk security update
2024-04-22 00:00:00
ubuntu
ubuntu
OpenJDK 17 vulnerabilities
2024-06-06 00:00:00
OpenJDK 21 vulnerabilities
2024-06-06 00:00:00
OpenJDK 11 vulnerabilities
2024-06-06 00:00:00
redhat
redhat
(RHSA-2024:1825) Moderate: java-17-openjdk security update
2024-04-18 00:58:08
rocky
rocky
java-11-openjdk security update
2024-05-06 13:04:21
java-21-openjdk security update
2024-05-06 13:04:21
java-1.8.0-openjdk security update
2024-05-06 13:04:21
f5
f5
mageia
mageia
ibm
ibm
nvd
nvd
redhatcve
redhatcve
cgr
cgr
CVE-2024-21094 vulnerabilities
2024-05-19 03:07:16
CVE-2024-21068 vulnerabilities
2024-05-19 03:07:16
CVE-2024-21012 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
kaspersky
kaspersky
KLA65636 Multiple vulnerabilities in Oracle Java SE and GraalVM
2024-04-16 00:00:00
alpinelinux
alpinelinux
cvelist
cvelist
wolfi
wolfi
CVE-2024-21011 vulnerabilities
2024-06-27 09:08:32
CVE-2024-21012 vulnerabilities
2024-06-27 09:08:32
CVE-2024-21094 vulnerabilities
2024-06-27 09:08:32
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.8%
Related for OPENVAS:13614125623111120245672