PT-2024-1227

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1 Oracle GraalVM for JDK versions 17.0.9, 21.0.1 Oracle GraalVM Enterprise Edition versions 20.3.12, 21.3.8, 22.3.4 Description The issue exists due to insufficient input...

Security Vulnerabilities in Selected Oracle Products

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

EulerOS 2.0 SP8 : java-1.8.0-openjdk (EulerOS-SA-2023-3130)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component:...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-006)

The version of java-11-openjdk installed on the remote host is prior to 11.0.21.0.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2JAVA-OPENJDK11-2024-006 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE...

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2024-1904)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.392.b08-2.82. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1904 advisory. Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Jav...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2024-2397)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.392.b08-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2397 advisory. Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in several DB2 products such as DB2, DB2 for Cloud Pak and Web Query for i. A malicious party could exploit the exploit the vulnerabilities to grant himself locally elevated privileges assigned arbitrary code and thus execute arbitrary code with potentially privilege...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 - October 2017, January 2018 and April 2018

Summary There are multiple vulnerabilities in IBM® SDK, Java™ Technology Edition, Versions 7 and 8, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2017, January 2018 and April 2018. Vulnerability Details CVEID:...

K000138103: Oracle Java SE vulnerabilities CVE-2023-22067 and CVE-2023-22081

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable...

CentOS 7 : java-1.8.0-openjdk (RHSA-2023:5761)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5761 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affect...

CentOS 7 : java-11-openjdk (RHSA-2023:5736)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5736 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions...

CentOS 7 : java-1.8.0-ibm (RHSA-2023:4160)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4160 advisory. - IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe...

CentOS 7 : java-11-openjdk (RHSA-2023:4233)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4233 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking...

CentOS 7 : java-1.8.0-openjdk (RHSA-2023:4166)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4166 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supporte...

CentOS 7 : java-1.8.0-ibm (RHSA-2023:3136)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3136 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affecte...

CentOS 7 : java-1.8.0-ibm (RHSA-2023:4876)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4876 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Libraries. Supported...

Advisory ROSA-SA-2023-2315

Software: java-1.8.0-openjdk 1.8.0.392.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.392.b08-2.res7 CVE-ID: CVE-2020-14583 BDU-ID: 2020-03866 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Libraries component of the Oracle Java SE and Oracle Java SE Embedded software platform...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK related to the JSSE component...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Storage Scale packaged in Elastic Storage Server

Summary There are multiple vulnerabilities in Java™ Technology Edition used by the Elastic Storage Server. Fixes for all these vulnerabilities are available. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a...