AlmaLinux 9 : java-11-openjdk (ALSA-2023:5744)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5744 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:...

AlmaLinux 8 : java-11-openjdk (ALSA-2023:5742)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5742 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2023:4152-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4152-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affecte...

Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime affect IBM ILOG CPLEX Optimization Studio (CVE-2023-21968, CVE-2023-21937, CVE-2023-21938)

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Versions 8 and 11 used by IBM ILOG CPLEX Optimization Studio. These issues were disclosed as part of the Oracle / OpenJDK April 2023 Critical Patch Updates. Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION: An unspecified...

Azul Zulu Java Multiple Vulnerabilities (2023-10-17)

The version of Azul Zulu installed on the remote host is prior to 6 6.59.0.14 / 7 7.65.0.14 / 8 8.73.0.12 / 11 11.67.16 / 17 17.45.16 / 21 21.30.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-10-17 advisory. - Vulnerability in the Oracle Java SE, Oracle Graal...

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2023-2314)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.9+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2314 advisory. Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the...

Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2023-008)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0392.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2023-008 advisory. Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected a...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2023-2315)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.21+9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2315 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supporte...

Oracle Java SE Security Update (oct2023) 01 - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (oct2023) 02 - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (oct2023) 03 - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (oct2023) 03 - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (oct2023) 02 - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE products. A malicious party could exploit the vulnerabilities to gain access to sensitive data and/or perform a denial-of-service DoS. The malicious party must trick the victim into executing untrusted java code to execute. Oracle has fixed the...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability...

Oracle Linux 7 : java-11-openjdk (ELSA-2023-5736)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5736 advisory. 1:11.0.21.0.9-1.0.1 - link atomic for ix86 build 1:11.0.21.0.9-1 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - Remove system crypto policy...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2023-5761)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5761 advisory. 1:1.8.0.392.b08-2 - Revert jcmd move as jcmd will not operate without tools.jar - Related: RHEL-13577 1:1.8.0.392.b08-1 - Update to...

OpenJDK: certificate path validation issue during client authentication (8309966)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

OpenJDK: IOR deserialization issue in CORBA (8303384)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...