8 matches found
OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)
Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)
Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2019-3158)
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20191018)
Security Fixes : - OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 - OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn Scripting, 8223518 CVE-2019-2975 - OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler...
OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)
Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20191016)
Security Fixes : - OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 - OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn Scripting, 8223518 CVE-2019-2975 - OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler...
OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)
Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Cross-site Scripting (XSS)
OpenJDK is vulnerable to cross-site scripting XSS. The vulnerability exists through insufficient filtering of HTML event attributes in Javadoc...