CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
37.2%
Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly
handled array accesses in the C1 compiler. An attacker could possibly
use this issue to cause a denial of service, execute arbitrary code or
bypass Java sandbox restrictions. (CVE-2024-20918)
It was discovered that the Hotspot component of OpenJDK 21 did not
properly verify bytecode in certain situations. An attacker could
possibly use this issue to bypass Java sandbox restrictions.
(CVE-2024-20919)
It was discovered that the Hotspot component of OpenJDK 21 had an
optimization flaw when generating range check loop predicates. An attacker
could possibly use this issue to cause a denial of service, execute
arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921)
It was discovered that OpenJDK 21 could produce debug logs that contained
private keys used for digital signatures. An attacker could possibly use
this issue to obtain sensitive information. (CVE-2024-20945)
Hubert Kario discovered that the TLS implementation in OpenJDK 21 had a
timing side-channel and incorrectly handled RSA padding. A remote attacker
could possibly use this issue to recover sensitive information.
(CVE-2024-20952)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.10 | noarch | openjdk-21-jdk | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-dbg | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-demo | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-doc | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-jdk-headless | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-jre | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-jre-headless | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-jre-zero | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | openjdk-21-source | < 21.0.2+13-1~23.10.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | openjdk-21-jdk | < 21.0.2+13-1~22.04.1 | UNKNOWN |