755 matches found
OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...
OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...
OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...
DEBIAN-CVE-2021-35603
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...
CVE-2021-35578
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2021-35578
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2021-35565
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...
CVE-2021-35565
CVE-2021-35565 affects Java SE (JSSE) and OpenJDK components across Java releases (7u311, 8u301, 11.0.12) and Oracle GraalVM Enterprise Edition (20.3.3, 21.2.0). The issue arises in TLS handling via the HttpsServer, enabling an unauthenticated network attacker to cause a partial denial of service...
Oracle Java SE and Oracle GraalVM Enterprise Edition Denial of Service Vulnerability (CNVD-2021-81805)
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...
Oracle Java SE and Oracle GraalVM Enterprise Edition Information Disclosure Vulnerability (CNVD-2021-81804)
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. An information...
Oracle Java SE and Oracle GraalVM Enterprise Edition Information Disclosure Vulnerability (CNVD-2021-81812)
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. An information...
Oracle Java SE and Oracle GraalVM Enterprise Edition Denial of Service Vulnerability (CNVD-2021-81806)
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...
Oracle Linux 7 : java-11-openjdk (ELSA-2021-3892)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3892 advisory. 1:11.0.13.0.8-1.0.1 - link atomic for ix86 build 1:11.0.13.0.8-1 - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves:...
Oracle Linux 8 : java-11-openjdk (ELSA-2021-3891)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3891 advisory. 1:11.0.13.0.8-1 - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed...
Scientific Linux Security Update : java-11-openjdk on SL7.x i686/x86_64 (2021:3892)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2021:3892-1 advisory. - OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 - OpenJDK: Incorrect principal selection when usin...
PT-2021-7893
Name of the Vulnerable Software and Affected Versions Java SE versions 7u311, 8u301, 11.0.12, 17 Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0 Description The issue is related to the JSSE component and allows an unauthenticated attacker with network access via TLS to compromise Jav...
PT-2021-7894
Name of the Vulnerable Software and Affected Versions Java SE versions 8u301, 11.0.12, 17 Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0 Description The issue is related to the JSSE component and allows an unauthenticated attacker with network access via TLS to compromise Java SE an...
Oracle Java SE 输入验证错误漏洞
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...