Gadgetinspector - A Byte Code Analyzer For Finding Deserialization Gadget Chains In Java Applications

This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application's classpath penetration testers can quickly construct exploits and...

SUSE-SU-2020:14287-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Java was updated to 7.1 Service Refresh 4 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

SUSE-SU-2020:14286-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: Java was updated to 7.0 Service Refresh 10 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)

A flaw was found in the serialization component of OpenJDK handled serialization filter. A process-wide filter could have been modified by setting jdk.serialFilter system property at runtime, possibly leading to a bypass of the intended filter during deserialization...

Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2020-0541)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0541 advisory. 1:1.7.0.251-2.6.21.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.251-2.6.21.0 - Bump to 2.6.21 and OpenJDK 7u251-b02. - Resolves: rhbz1785753 Tenable h...

RHEL 7 : java-1.7.0-openjdk (RHSA-2020:0541)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0541 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security...

Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64 (20200218)

Security Fixes : - OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS Security, 8229951 CVE-2020-2601 - OpenJDK: Serialization filter changes via jdk.serialFilter property modification Serialization, 8231422 CVE-2020-2604 - OpenJDK: Improper checks of SASL message properties in GssKrb5Base...

java security update

CentOS Errata and Security Advisory CESA-2020:0541 An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 7 and Java™ Version 8 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019. Vulnerability Details CVEID: CVE-2019-2989...

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with netwo...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.6.0 used by Rational Functional Tester RFT version 8.6.0.7 - 9.5. RFT has addressed the applicable CVEs. Vulnerability Details Rational Functional Tester has addressed the following: If you run your own...

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)

A flaw was found in the serialization component of OpenJDK handled serialization filter. A process-wide filter could have been modified by setting jdk.serialFilter system property at runtime, possibly leading to a bypass of the intended filter during deserialization...

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 7 : java-1.8.0-ibm (RHSA-2020:0470)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0470 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 6 : java-1.7.1-ibm (RHSA-2020:0467)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0467 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 8 : java-1.8.0-ibm (RHSA-2020:0465)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0465 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)

A flaw was found in the serialization component of OpenJDK handled serialization filter. A process-wide filter could have been modified by setting jdk.serialFilter system property at runtime, possibly leading to a bypass of the intended filter during deserialization...

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)

A flaw was found in the serialization component of OpenJDK handled serialization filter. A process-wide filter could have been modified by setting jdk.serialFilter system property at runtime, possibly leading to a bypass of the intended filter during deserialization...

Important: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...