OSV-2023-1286 Security exception in java.base/sun.security.util.DerInputStream.getUnalignedBitString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64975 Crash type: Security exception Crash state: java.base/sun.security.util.DerInputStream.getUnalignedBitString java.base/sun.security.x509.X509Key.parse java.base/sun.security.x509.CertificateX509Key...

OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...

RHEL 7 : java-1.7.1-ibm (RHSA-2020:3388)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3388 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 6 : java-1.7.1-ibm (RHSA-2020:3387)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

CentOS: Security Advisory for java (CESA-2020:2968)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

java security update

CentOS Errata and Security Advisory CESA-2020:2968 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

CentOS 6 : java-1.8.0-openjdk (RHSA-2020:2985)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2985 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u25...

Updated java-1.8.0-openjdk packages fix security vulnerability

Bypass of boundary checks in nio.Buffer via concurrent access. CVE-2020-14583 Incomplete bounds checks in Affine Transformations. CVE-2020-14593 Incorrect handling of access control context in ForkJoinPool. CVE-2020-14556 Unexpected exception raised by DerInputStream. CVE-2020-14578 Unexpected...

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : java-1.8.0-openjdk (RHSA-2020:3100)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3100 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2020-2985)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2985 advisory. 1:1.8.0.262.b10-0 - Update to aarch64-shenandoah-jdk8u262-b10. - Switch to GA mode for final release. - Update release notes for 8u262 release. - Fix...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. Unexpected exception raised by DerInputStream results in a partial denial of service condition which results in an application crash...

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20200716)

Security Fixes : - OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access Libraries, 8238920 CVE-2020-14583 - OpenJDK: Incomplete bounds checks in Affine Transformations 2D, 8240119 CVE-2020-14593 - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries,...

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...