10 matches found
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1028)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-2634
The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application...
Information Disclosure
Oracle Java SE is vulnerable to information disclosure attacks. This is because the JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. A local attacker could possibly use thi...
OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)
The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2018-974)
DerValue unbounded memory allocation : It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory ...
Important: Red Hat Security Advisory: java-1.7.1-ibm security update
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: java-1.7.1-ibm security update
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)
The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application...
MGASA-2018-0104 Updated java-1.8.0-openjdk packages fix security vulnerability
Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions CVE-2018-2582, CVE-2018-2641. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to...
Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2018-0095)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0095 advisory. 1:1.8.0.161-0.b14 - Update to b14 with updated Zero fix for 8174962 S8194828 - Resolves: rhbz1528233 1:1.8.0.161-0.b13 - Update to b13 including Ze...