CentOS 7 : java-1.8.0-ibm (RHSA-2021:0717)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0717 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271,...

CentOS 7 : java-1.7.1-ibm (RHSA-2020:0468)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0468 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

CentOS 7 : java-1.7.1-ibm (RHSA-2021:0733)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0733 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 11.0.8 and 15. Easily...

CentOS 7 : java-1.8.0-ibm (RHSA-2022:8880)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8880 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are...

CentOS 6 : java-1.7.1-ibm (RHSA-2020:2236)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2236 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 a...

CentOS 7 : java-1.8.0-ibm (RHSA-2020:5585)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5585 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...

CentOS 6 : java-1.7.1-ibm (RHSA-2020:0467)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0467 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

CentOS 7 : java-1.8.0-ibm (RHSA-2024:1482)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1482 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

CentOS 7 : java-1.7.1-ibm (RHSA-2020:2238)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2238 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 a...

CentOS 6 : java-1.8.0-ibm (RHSA-2020:2239)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2239 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231...

Bundled JRE Dependency in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.9.0, 8.19.0, and 9.2.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to expose assets in your environment susceptible...

PT-2024-28980 · Oracle · Java

Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue allows an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional...

OpenJDK 8 <= 8u412 / 11.0.0 <= 11.0.23 / 17.0.0 <= 17.0.11 / 21.0.0 <= 21.0.3 / 22.0.0 <= 22.0.1 Multiple Vulnerabilities (2024-07-16)

The version of OpenJDK installed on the remote host is prior to 8 = 8u412 / 11.0.0 = 11.0.23 / 17.0.0 = 17.0.11 / 21.0.0 = 21.0.3 / 22.0.0 = 22.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-07-16 advisory. Please Note: Java CVEs do not always include OpenJD...

Advisory ROSA-SA-2024-2481

Software: java-11-openjdk 11.0.23.0.9 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.23.0.9-2.res7 CVE-ID: CVE-2024-20918 BDU-ID: 2024-00485 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK,...

Advisory ROSA-SA-2024-2480

Software: java-1.8.0-openjdk 1.8.0.412.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.412.b08-1.res7 CVE-ID: CVE-2024-20918 BDU-ID: 2024-00485 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM...

This Week in Spring - October 1st, 2024

Hi, Spring fans! it's the first of October! We're officially in the fourth quarter of 2024! Time's moving too quickly. Way too quickly. But as always, there's awesome stuff afoot, so let's dive right in! Spring Framework lead Juergen Hoeller looks at the road ahead, to Spring Framework 6.2 and...

ROS-20240927-14

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

ROS-20240927-15

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

SUSE CVE-2013-1490

Unspecified vulnerability in Oracle Java SE 7 Update 11 JRE 1.7.011-b21 allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors, aka "Issue 51," a different vulnerability than CVE-2013-0431. NOTE: as of 20130130, this vulnerability does not contain any...

IBM MQ 9.3 CD (7167215)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7167215 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle...