Important: java-1.8.0-openjdk

Issue Overview: A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option "--no-java" was set. CVE-2024-20918 With carefully crafted custom bytecodes, arbitrary unverified bytecodes could be executed. CVE-2024-20919 Loop optimizations...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2024:0321-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0321-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

OESA-2024-1127 openjdk-1.8.0 security update

Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1;...

K000138462: Oracle Java vulnerabilities CVE-2024-20922, CVE-2024-20923

Security Advisory Description CVE-2024-20922 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to...

Debian dsa-5613 : openjdk-17-dbg - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5613 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Debian dla-3728 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3728 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3728-1 [email protected]...

Improper Access Control

Oracle Java SE is vulnerable to Improper Access Control. The vulnerability is caused due to improper handling of untrusted code in the Java sandbox environment. This allows unauthenticated attackers with network access to exploit the system and gain unauthorized access to create, delete, or modif...

Unauthorized Access

Oracle Java SE is vulnerable to Unauthorized Access. The vulnerability is due to a flaw in the security component that allows a low-privileged attacker with logon access to the infrastructure to compromise the system, potentially resulting in unauthorized access to critical data or complete acces...

CentOS 7 : java-1.8.0-openjdk (RHSA-2024:0223)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0223 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

CentOS 7 : java-11-openjdk (RHSA-2024:0232)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0232 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition ((CVE-2015-0410, CVE-2014-6593, CVE-2015-0383, CVE-2015-0138))

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factorin...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

Security Bulletin: IBM Security Directory Integrator affected by multiple vulnerabilities affecting IBM Java SDK

Summary Security Vulnerabilities found in IBM Java SDK shipped with IBM Security Directory Integrator have been addressed with this update. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2024:0203-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0203-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE componen...

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access confidential information.

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition software exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

The vulnerability of the Security component of Oracle Java SE and Oracle GraalVM for JDK/Oracle GraalVM Enterprise Edition software allows attackers to access confidential information.

The vulnerability of the Security component of Oracle Java SE and Oracle GraalVM for JDK/Oracle GraalVM Enterprise Edition software exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to access confidential information...

The vulnerability of the Hotspot component in Oracle Java SE and Oracle GraalVM for JDK/Oracle GraalVM Enterprise Edition virtual machines allows attackers to compromise data integrity.

The vulnerability of the Hotspot component of Oracle Java SE and the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise data integrity remotely...

The vulnerability of the Security component of the Oracle Java SE software platform, as well as the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Security component of Oracle Java SE software, as well as of Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the...

The vulnerability of the JavaFX component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to compromise the integrity of protected information.

The vulnerability of the JavaFX component of Oracle Java SE and the Oracle GraalVM Enterprise Edition platform exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2024-0265)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0265 advisory. 1:1.8.0.402.b06-0.2.0.1 - Update to shenandoah-jdk8u402-b06 GA - Update release notes for shenandoah-8u402-b06. - Add Oracle vendor bug URL Orabug:...