1249 matches found
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
RLSA-2022:0307 Moderate: java-1.8.0-openjdk security and bug fix update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in the XS...
ALSA-2022:0307 Moderate: java-1.8.0-openjdk security and bug fix update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in the XS...
Moderate: java-1.8.0-openjdk security and bug fix update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in the XS...
CentOS 8 : java-11-openjdk (CESA-2022:0185)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0185 advisory. - OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 - OpenJDK: Incorrect reading of TIFF...
Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data
...
Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data
...
java security update
CentOS Errata and Security Advisory CESA-2022:0204 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Apple macOS ImageIO DDS image out-of-bounds read vulnerability
Summary An out-of-bounds read vulnerability exists in the DDS image parsing functionality of ImageIO library on Apple macOS Big Sur 11.6.1 and iOS 15.1. A specially-crafted DDS file can disclose sensitive memory content which can aid in exploitation of other vulnerabilities. An attacker can deliv...
CentOS 7 : java-11-openjdk (RHSA-2022:0204)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0204 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that ar...
RHEL 8 : java-11-openjdk (RHSA-2022:0185)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0185 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...