OPENSUSE-SU-2024:12719-1 java-13-openjdk-13.0.14.0-1.1 on GA media

These are all security issues fixed in the java-13-openjdk-13.0.14.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12013-1 java-13-openjdk-13.0.11.0-1.1 on GA media

These are all security issues fixed in the java-13-openjdk-13.0.11.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2022-45146

A flaw was found in the FIPS Java API of Bouncy Castle BC-FJA. Affected versions of this package are vulnerable to Improper Authentication. Changes to the JVM garbage collector in Java 13 and later can trigger an issue in the BC-FJA FIPS modules, where it is possible for temporary keys used by th...

Information Disclosure

bc-fips is vulnerable to Information Disclosure. The vulnerability exists because the temporary keys used in the module get zeroed out while still in use by the module, resulting in an error or potential information loss. This vulnerability only affects Java 13 or later...

Garbage collection issue in BC-FJA in Java 13 and later

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...

Code injection

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...

CVE-2022-45146

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...

PT-2022-6901 · Oracle +1 · Java +1

Name of the Vulnerable Software and Affected Versions: Bouncy Castle BC-FJA versions prior to 1.0.2.4 Description: An issue in the FIPS Java API of Bouncy Castle BC-FJA is triggered by changes to the JVM garbage collector in Java 13 and later. This issue causes temporary keys used by the module t...

Unspecified Vulnerability in Oracle Java SE (CNVD-2019-37415)

Java SE is the Java Platform Standard Edition, for the development and deployment of desktop, server and embedded devices and real-time environment of Java applications. An unspecified vulnerability exists in the Hotspot component of Oracle Java SE 11.0.4, 13. An attacker could exploit this...