CentOS 8 : ruby:3.0 (CESA-2022:6450)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:6450 advisory. - ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-41817 - ruby: Cookie prefix spoofing in CGI::Cookie.parse...

RHEL 8 : ruby:3.0 (RHSA-2022:6450)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6450 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

Gcc 安全漏洞

GCC is a collection of GNU compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in Gcc. An attacker has exploited this vulnerability to cause g++ to crash during compilation via a specially crafted input source file...

CLSA-2022-1660064249 Fix CVE(s): CVE-2022-21434, CVE-2022-21426, CVE-2022-21443, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21476, CVE-2022-21496

Backport upstream releases 8u342 and 8u332 to 16.04 LTS Security fixes in 8u342: - JDK-8272243: Improve DER parsing - JDK-8272249: Better properties of loaded Properties - JDK-8277608: Address IP Addressing - JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866, CVE-2022-21541:...

SUSE-SU-2022:2707-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance MethodHandle invocations bsc1201692 - CVE-2022-34169: Improve Xalan supports bsc1201684...

CLSA-2022-1659643989 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-21540, CVE-2022-34169

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

CLSA-2022-1659643853 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-34169, CVE-2022-21540, CVE-2022-21541

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

SUSE-SU-2022:2660-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.4+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance MethodHandle invocations bsc1201692 - CVE-2022-34169: Improve Xalan supports bsc1201684 - CVE-2022-21549:...

Command Injection

node-latex-pdf is vulnerable to command injection. Insecure handling of compilation and execution of source file in selflatex function in node-latex-pdf.js allows an attacker to inject and execute malicious commands...

CentOS: Security Advisory for java-11-openjdk (CESA-2022:5687)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

java security update

CentOS Errata and Security Advisory CESA-2022:5687 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x i686/x86_64 (2022:5698)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5698-1 advisory. - OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 - OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 -...

SUSE-SU-2022:2610-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance MethodHandle invocations bsc1201692 - CVE-2022-34169: Improve Xalan supports bsc1201684...

[SECURITY] Fedora 36 Update: golang-github-google-martian-3.1.0-10.fc36

Martian Proxy is a programmable HTTP proxy designed to be used for testing. Martian is a great tool to use if you want to: - Verify that all or some subset of requests are secure - Mock external services at the network layer - Inject headers, modify cookies or perform other mutations of HTTP...

OpenJDK: class compilation issue (Hotspot, 8281859)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

OpenJDK: class compilation issue (Hotspot, 8281859)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

OpenJDK: class compilation issue (Hotspot, 8281859)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

RHEL 9 : java-17-openjdk (RHSA-2022:5736)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5736 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. The following...

RHEL 8 : java-1.8.0-openjdk (RHSA-2022:5696)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5696 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The followin...