CentOS 8 : java-11-openjdk (CESA-2019:1817)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1817 advisory. - OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 - OpenJDK: Insufficient checks of suppressed...

Ubuntu 18.04 LTS : OpenJDK 11 vulnerabilities (USN-4083-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4083-1 advisory. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker...

USN-4083-1: OpenJDK 11 vulnerabilities

It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. CVE-2019-2762 It was discovered that in some...

Information Disclosure

openjdk is vulnerable to information disclosure. It was discovered that the ChaCha20Cipher implementation in the Security component of OpenJDK used non-constant time comparison for comparing tags. A remote attacker could possible use the flaw to leak information about decryption state using the...

CentOS Update for java-11-openjdk CESA-2019:1810 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

java security update

CentOS Errata and Security Advisory CESA-2019:1810 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2019-1246)

OpenJDK: Insufficient restriction of privileges in AccessController Security, 8216381 CVE-2019-2786 OpenJDK: Unbounded memory allocation during deserialization in Collections Utilities, 8213432 CVE-2019-2769 libpng: pngimagefree in png.c in libpng has a use-after-free because pngimagefreefunction...

Scientific Linux Security Update : java-11-openjdk on SL7.x x86_64 (20190722)

Security Fixes : - OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 - OpenJDK: Insufficient checks of suppressed exceptions in deserialization Utilities, 8212328 CVE-2019-2762 - OpenJDK: Unbounded memory allocation during deserialization in...

RHEL 8 : java-11-openjdk (RHSA-2019:1817)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1817 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

Moderate: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Moderate: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Medium: java-11-amazon-corretto

Issue Overview: OpenJDK: Insufficient restriction of privileges in AccessController Security, 8216381 CVE-2019-2786 OpenJDK: Unbounded memory allocation during deserialization in Collections Utilities, 8213432 CVE-2019-2769 libpng: pngimagefree in png.c in libpng has a use-after-free because...