Fedora: Security Advisory for java-11-openjdk (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS: Security Advisory for java-11-openjdk (CESA-2023:5736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-007)

The version of java-11-openjdk installed on the remote host is prior to 11.0.22.0.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2024-007 advisory. A vulnerability that allows an attacker to execute arbitrary java code from the javascript engi...

SUSE: Security Advisory (SUSE-SU-2024:0321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:0203-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

java-11-openjdk security update

1:11.0.22.0.7-2.0.1 - Update to openjdk-11.0.22+7...

Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-0266)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0266 advisory. 1:11.0.22.0.7-2.0.1 - Update to openjdk-11.0.22+7 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2414)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.22+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2414 advisory. A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

RHEL 9 : java-11-openjdk (RHSA-2024:0237)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0237 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

java-11-openjdk security update

1:11.0.22.0.7-1.0.1 - link atomic for ix86 build 1:11.0.22.0.7-1 - Update to jdk-11.0.22+7 GA - Update release notes to 11.0.22+7 - Switch to GA mode for release - This tarball is embargoed until 2024-01-16 @ 1pm PT. - Resolves: RHEL-20966 1:11.0.22.0.6-0.1.ea - Update to jdk-11.0.22+6 EA - Updat...

Amazon Corretto Java 11.x < 11.0.22.7.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.22.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2024-Jan-16 advisory. - hotspot/compiler CVE-2024-20918, CVE-2024-20921 - hotspot/runtime CVE-2024-20919 -...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-006)

The version of java-11-openjdk installed on the remote host is prior to 11.0.21.0.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2JAVA-OPENJDK11-2024-006 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE...

Design/Logic Flaw

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2023-427)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-427 advisory. 2023-11-09: CVE-2023-22081 was added to this advisory. An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows...

SUSE: Security Advisory (SUSE-SU-2023:4198-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

java-11-openjdk security and bug fix update

1:11.0.21.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 -...

SUSE-SU-2023:4198-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Upgraded to JDK 11.0.21+9 October 2023 CPU: - CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS bsc1216374. Please visit the Oracle Release Notes page for the full changelog:...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2023-401)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-401 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...

SUSE: Security Advisory (SUSE-SU-2023:4152-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...