Fedora 35 : java-1.8.0-openjdk (2022-b050ae8974)

"The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b050ae8974 advisory. New in release OpenJDK 8u352 2022-10-18 Release announcement Full release notes Security Fixes JDK-8282252: Improve BigInteger/Decimal validation...

Fedora 36 : java-1.8.0-openjdk (2022-361f34f2a9)

"The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-361f34f2a9 advisory. New in release OpenJDK 8u352 2022-10-18 Release announcement Full release notes Security Fixes JDK-8282252: Improve BigInteger/Decimal validation...

Fedora 35 : java-latest-openjdk (2022-ec7de69ceb)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-ec7de69ceb advisory. New in release OpenJDK 19.0.1 2022-10-18 Full release notes This update depends on FEDORA-2022-10bb6f119e CVEs Fixed - CVE-2022-21618 - CVE-2022-216...

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2022:4452-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4452-1 advisory. Update to version jdk8u352 icedtea-3.25.0: - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.1.8)

The version of AOS installed on the remote host is prior to 6.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.1.8 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - If Apache Tomcat 8.5.0...

SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2022:4373-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4373-1 advisory. Update to version jdk8u352 icedtea-3.25.0: - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows...

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

F5 Networks BIG-IP : Java vulnerability (K71522481)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K71522481 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component...

F5 Networks BIG-IP : Java vulnerability (K35253541)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K35253541 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that...

SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:4290-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4290-1 advisory. - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterpris...

SUSE: Security Advisory (SUSE-SU-2022:4290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4290-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition bsc1204471. - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can...

PT-2023-2665

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 Oracle GraalVM Enterprise Edition versions 20.3.9, 21.3.5, 22.3.1 Description The issue allows an unauthenticated attacker with network access via multiple protocols to compromise...

PT-2023-2396

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 Oracle GraalVM Enterprise Edition versions 20.3.9, 21.3.5, 22.3.1 Description The vulnerability is related to the JSSE component of Oracle Java SE and Oracle GraalVM Enterprise...

PT-2023-2661

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6 Oracle GraalVM Enterprise Edition versions 20.3.9, 21.3.5, 22.3.1 Description A difficult to exploit vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition allows an...

PT-2023-2664

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 Oracle GraalVM Enterprise Edition versions 20.3.9, 21.3.5, 22.3.1 Description The issue is related to insufficient input validation in the JSSE component of Oracle Java SE and Orac...

PT-2023-2655

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 Oracle GraalVM Enterprise Edition versions 20.3.9, 21.3.5, 22.3.1 Description The issue exists due to insufficient input validation in the Networking component of Oracle Java SE an...

PT-2023-2656

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4, 22.3.0 Description The issue is related to insufficient input validation in the Libraries component of Oracle Java SE and...

SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2022:4166-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4166-1 advisory. - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle...

SUSE-SU-2022:4166-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition bsc1204471. - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can...