OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating...
RLSA-2022:5683 Important: java-11-openjdk security, bug fix, and enhancement update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk 11.0.16.0.8. BZ2084649 Security Fixes: OpenJDK: integer truncation issue in Xalan-J...
java-11-openjdk security, bug fix, and enhancement update
An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...
RHEL 8 : java-11-openjdk (RHSA-2022:5685)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5685 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
Apache Xalan Input Validation Error Vulnerability
Apache Xalan is an open source software library from the Apache Foundation (USA). The Apache Xalan Java XSLT library has an input validation error vulnerability that stems from an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability can be exploited to corrupt Java class files...
RHEL 8 : java-11-openjdk (RHSA-2022:5681)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5681 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
ALSA-2022:5683 Important: java-11-openjdk security, bug fix, and enhancement update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk 11.0.16.0.8. BZ2084649 Security Fixes: OpenJDK: integer truncation issue in Xalan-J...
RHEL 8 : java-11-openjdk (RHSA-2022:5684)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5684 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
Amazon Linux 2 : java-17-amazon-corretto (ALAS-2022-1824)
The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.4+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1824 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package...
RHEL 8 : java-11-openjdk (RHSA-2022:5683)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5683 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following...
Remote Code Execution
xalan:xalan is vulnerable to remote code execution. An attacker is able to corrupt Java class files generated by the internal XSLTC compiler and execute harmful Java bytecodes on the host machine due to an integer truncation flaw which occurs during XSLT style sheet processing...
GHSA-9339-86WC-4QGF Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. A fix for this issue was published in September 20...
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. A fix for this issue was published in September 20...
Important: java-11-amazon-corretto
Issue Overview: Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. CVE-2022-21541 The Xalan Java XSLT library has an integer truncation issue...
Important: java-17-amazon-corretto
Issue Overview: Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. CVE-2022-21541 computeNextExponential sometimes returns negative numbers...
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...