11 matches found
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in hotspot/compiler due to improper handling of buffers in addnode.cpp. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Commit - GitHub Commit - GitHub Commi...
Buffer Overflow
Overview org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages. Affected versions of this package are...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
Oracle OpenJDK 8.x - 21.x Vulnerability (Apr 2024)
Oracle OpenJDK is prone to a vulnerability in the hotspot/compiler component. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle OpenJDK Vulnerability (CVE-2023-22025)
Oracle OpenJDK is prone to a vulnerability in the hotspot/compiler component. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle OpenJDK Vulnerability (CVE-2023-22044)
Oracle OpenJDK is prone to a vulnerability in the hotspot/compiler component. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Amazon Corretto Java 17.x < 17.0.8.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Jul-18 advisory. - core-libs/java.net CVE-2023-22006 - core-libs/java.util CVE-2023-22036 - hotspot/compiler...
Amazon Corretto Java 11.x < 11.0.5.10.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.5.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2019-Oct-15 advisory. - security-libs/javax.net.ssl CVE-2019-2894, CVE-2019-2949 - core-libs CVE-2019-2933 -...
Amazon Corretto Java 17.x < 17.0.2.8.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.2.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Jan-18 advisory. - core-libs/java.io:serialization CVE-2022-21248, CVE-2022-21341 - client-libs/javax.imageio...
OpenJDK: incorrect optimization of range checks in C2 compiler (Hotspot, 8022783)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot...
Debian DSA-2224-1 : openjdk-6 - several vulnerabilities
Several security vulnerabilities were discovered in OpenJDK, an implementation of the Java platform. - CVE-2010-4351 The JNLP SecurityManager returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass...