12 matches found
Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the jwt.decode or jwt.decodecomplete functions when used with a PyJWK key. An attacker can bypass algorithm restrictions and gain unauthorized access to protected resources by signing...
MiracleLinux 7 : java-11-openjdk-11.0.7.10-4.el7 (AXSA:2020-011:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-011:04 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...
EUVD-2015-5029
Malware in sbrugna...
ROS-20250430-05
Vulnerability of Erlang programming language OTP library set is related to improper packet handling SFTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service Vulnerability of SSH protocol implementation from Erlang/OTP library...
java security update
CentOS Errata and Security Advisory CESA-2020:1509 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
CentOS Update for java CESA-2017:1204 centos7
Check the version of java SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882709";...
OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)
It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...
Medium: java-1.8.0-openjdk
Issue Overview: Improper re-use of NTLM authenticated connections Networking, 8163520: It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could...
OpenJDK: MD5 allowed for jar verification (Security, 8171121)
It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm...
OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)
It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...
OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)
It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...