K000132263: OpenJDK vulnerability CVE-2023-21843
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...
RHEL 9 : java-1.8.0-openjdk (RHSA-2023:0210)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0210 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
K000132230: Java SE vulnerability CVE-2023-21835
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily...
Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2023-279)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-279 advisory. Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in. CVE-2023-21830 Better Banking of Sounds: JARSoundbankReader can load classes...
Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2023-281)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-281 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load...
AlmaLinux 9 : java-17-openjdk (ALSA-2023:0194)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0194 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected a...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.2)
The version of AOS installed on the remote host is prior to 6.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.2 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection ...
Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2023-280)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-280 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load...
Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2023-0203)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0203 advisory. 1:1.8.0.362.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes ...
RHEL 8 : java-1.8.0-openjdk (RHSA-2023:0207)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0207 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Amazon Linux 2 : java-11-amazon-corretto (ALAS-2023-1918)
The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.18+10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1918 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens...
SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:1026-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1026-1 advisory. Update Java 8.0 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366,...
Oracle Linux 9 : java-17-openjdk (ELSA-2023-0194)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0194 advisory. 1:17.0.6.0.10-3.0.1 - Replace upstream references Orabug: 34340155 1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111...
RHEL 9 : java-1.8.0-openjdk (RHSA-2023:0209)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0209 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Oracle Linux 7 : java-11-openjdk (ELSA-2023-0195)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0195 advisory. 1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until...
OpenJDK 7 <= 7u361 / 8 <= 8u352 / 11.0.0 <= 11.0.17 / 13.0.0 <= 13.0.13 / 15.0.0 <= 15.0.9 / 17.0.0 <= 17.0.5 / 19.0.0 <= 19.0.1 Multiple Vulnerabilities (2023-01-17)
The version of OpenJDK installed on the remote host is prior to 7 <= 7u361 / 8 <= 8u352 / 11.0.0 <= 11.0.17 / 13.0.0 <= 13.0.13 / 15.0.0 <= 15.0.9 / 17.0.0 <= 17.0.5 / 19.0.0 <= 19.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-01-17 advisory. Please Note: Java CVE...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.6)
The version of AOS installed on the remote host is prior to 6.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.6 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc...
RHEL 8 : java-1.8.0-openjdk (RHSA-2023:0205)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0205 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
OpenJDK: soundbank URL remote loading (Sound, 8293742)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...