PT-2020-2595

Name of the Vulnerable Software and Affected Versions Java SE versions 11.0.6 and 14 Description The issue is related to insufficient access control in the JSSE component of Oracle Java SE, allowing a remote attacker to gain unauthorized access to protected information via the HTTPS protocol. Thi...

PT-2020-2596

Name of the Vulnerable Software and Affected Versions Java SE versions 7u251, 8u241, 11.0.6, and 14 Java SE Embedded version 8u241 Description The issue is related to insufficient input validation in the JSSE component of Oracle Java SE and Java SE Embedded. It allows an unauthenticated attacker...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in March 2020. Upgrade the JRE in order to resolve...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Upgrade the JRE in order to resolve...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Application Developer for WebSphere (CVE-2014-3566, CVE-2014-3065, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, and 7 that are used by Rational Application Developer. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part ...

RHEL 8 : java-11-openjdk (RHSA-2020:0232)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0232 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CentOS 7 : java-11-openjdk (RHSA-2020:0122)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0122 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

java security update

CentOS Errata and Security Advisory CESA-2020:0122 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Unspecified Vulnerability in Oracle Java SE (CNVD-2020-05118)

Java SE is the Java Platform Standard Edition, for the development and deployment of desktop, server and embedded devices and real-time environment of Java applications. A security vulnerability exists in the JSSE component of Oracle Java SE 11.0.5, 13.0.1. An attacker could exploit this...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Oracle Java SE 1.7.0_251 / 1.8.0_241 / 1.11.0_6 / 1.13.0_2 Multiple Vulnerabilities (Jan 2020 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 251, 8 Update 241, 11 Update 6, or 13 Update 2. It is, therefore, affected by multiple vulnerabilities: - Oracle Java SE and Java SE Embedded are prone to a severe division by zero,...

Oracle Java SE Security Update (cpujan2020 - 03) - Linux

Oracle Java SE is prone to a security vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Java SE Security Update (cpujan2020 - 03) - Windows

Oracle Java SE is prone to a security vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

UBUNTU-CVE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

CVE-2020-2655

CVE-2020-2655 affects Oracle Java SE JSSE in Java 11.0.5 and 13.0.1. The vulnerability allows an unauthenticated attacker with network access over HTTPS to potentially update/insert/delete or read data in Java SE, with the attack surface tied to sandboxed Java Web Start/Applet deployments and API...

CVE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

Oracle Java SE CVE-2020-2655 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...

Security Bulletin: Multiple vulnerabilities, including Freak and Bar Mitzvah, in IBM Java SDK affect IBM i.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM i. The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability and the RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM i java. Vulnerability Details CVEID: CVE-2015-04...

EulerOS 2.0 SP5 : java-1.7.0-openjdk (EulerOS-SA-2019-2200)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are...