11652 matches found
Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2022-7006)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7006 advisory. 1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz21336...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x i686/x86_64 (2022:7002)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:7002-1 advisory. - OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 - OpenJDK: HttpServer no connection count...
Oracle Linux 7 : java-11-openjdk (ELSA-2022-7008)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7008 advisory. 1:11.0.17.0.8-2.0.1 - link atomic for ix86 build 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data wit...
CVE-2022-31684: Reactor Netty HTTP Server may log request headers
The Reactor Netty 1.0.24 release on October 11 included fix for CVE-2022-31684 affecting Reactor Netty HTTP Server. Users are encouraged to update as soon as possible. Reactor Netty is used internally in many frameworks including Spring WebFlux and its WebClient. If you have a Spring Boot...
Invalid HTTP requests in Reactor Netty HTTP Server may reveal access tokens
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may request log headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...
Moderate: Red Hat Security Advisory: OpenJDK 17.0.5 Security Update for Portable Linux Builds
The Red Hat build of OpenJDK 17 java-17-openjdk is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...
Moderate: Red Hat Security Advisory: java-17-openjdk security and bug fix update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:7013 Moderate: java-11-openjdk security and bug fix update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
java-11-openjdk security and bug fix update
An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...
java-1.8.0-openjdk security update
An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...
RLSA-2022:7007 Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...
RHEL 9 : java-1.8.0-openjdk (RHSA-2022:7007)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7007 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2022:3655-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3655-1 advisory. Buildah was updated to version 1.27.1: - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to...
RHEL 8 : java-11-openjdk (RHSA-2022:7011)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7011 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
RHEL 7 : java-1.8.0-openjdk (RHSA-2022:7002)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7002 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
ALSA-2022:7013 Moderate: java-11-openjdk security and bug fix update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...