2 matches found
OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human...
OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...