OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

Security Bulletin: IBM Operational Decision Manager August 2023 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-2047...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2022:3152-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3152-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

SUSE: Security Advisory (SUSE-SU-2022:2949-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2022:2898-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2898-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2022:2707-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2707-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2022:2610-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2610-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Debian DSA-5192-1 : openjdk-17 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5192 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java...

Important: java-17-amazon-corretto

Issue Overview: Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. CVE-2022-21541 computeNextExponential sometimes returns negative numbers...

PT-2022-3956

Name of the Vulnerable Software and Affected Versions Apache Xalan Java XSLT library versions prior to 2.7.3 Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generat...