USN-3824-1 openjdk-7 vulnerabilities

It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. CVE-2018-3136 Artem Smotrakov...

Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3824-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3824-1 advisory. It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibl...

Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20181031)

Security Fixes : - OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 - OpenJDK: Incomplete enforcement of the trustURLCodebase restriction JNDI, 8199177 CVE-2018-3149 - OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests Security, 8194534 CVE-2018-3136 -...

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-3804-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3804-1 advisory. It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: java-1.6.0-sun security update

An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in July 2018. Upgrade the JRE in order to resolve the...

CentOS 7 : java-1.8.0-openjdk (CESA-2018:2942)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2839-2)

This update for java-180-ibm to 8.0.5.20 fixes the following security issues : CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit...

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:3064-2) (Spectre)

This update for java-180-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues : These security issues were fixed : CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20181018)

Security Fixes : - OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 - OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-3183 - OpenJDK: Incomplete enforcement of the trustURLCodebase restriction JNDI, 8199177 CVE-2018-3149 - OpenJDK: Incorrect handli...

RHEL 6 : java-1.8.0-openjdk (RHSA-2018:2943)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2943 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1 and 8.0 used by IBM MessageSight. These issues were disclosed as part of the IBM Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-1656 DESCRIPTION: The IBM Java Runtime Environment's...

CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

Oracle Java SE Security Updates-03 (cpuoct2018) - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Updates-03 (cpuoct2018) - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2018-1138)

This update for java-180-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues : These security issues were fixed : - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues: These security issues were fixed: - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and IBM® Runtime Environment Java™ Version 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the I...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Support Assistant Team Server (CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 1.7.0 that is used by IBM Support Assistant Team Server. These issues were disclosed as part of the IBM Java SDK updates in October 2014. One of these vulnerabilities affects the IBM Support...