14 matches found
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.171-7.b10.el7 (AXSA:2018-2954:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2954:03 advisory. OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of...
MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.181-2.6.14.1.AXS4 (AXSA:2018-2999:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2999:02 advisory. OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of...
MGASA-2018-0218 Updated java-1.8.0-openjdk packages fix security vulnerabilities
OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of data from JCEKS key stores Security, 8189997 CVE-2018-2794 OpenJDK: insufficient consistency checks in deserialization of multiple classes Security,...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20180419)
Security Fixes : - OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 - OpenJDK: unrestricted deserialization of data from JCEKS key stores Security, 8189997 CVE-2018-2794 - OpenJDK: insufficient consistency checks in deserialization of...
OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833)
Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:0264)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0264 advisory. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.6. In a...
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:0136)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0136 advisory. - ICU: font parsing OOB read OpenJDK 2D, 8055489 CVE-2014-6585 - ICU: font parsing OOB read OpenJDK 2D, 8056276 CVE-2014-6591 - OpenJDK:...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
jdk7-openjdk: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 out-of-bounds read Allows remote attackers to affect confidentiality via font parsing...
jdk8-openjdk: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...
jre7-openjdk-headless: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6587 privilege escalation MulticastSocket NULL pointer dereference allows local users to...
OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...