OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...

The vulnerability of the JAXP component in Java SE, Java SE Embedded, and JRockit software platforms allows attackers to trigger a service failure.

The vulnerability of the JAXP component in Java SE, Java SE Embedded, and JRockit software platforms is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a crash or, in rare cases, cause an emergency shutdown through netwo...