Amazon Corretto Java 11.x < 11.0.17.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.17.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2022-Oct-18 advisory. - security-libs/org.ietf.jgss CVE-2022-21618 - security-libs/java.security CVE-2022-21619,...

Oracle OpenJDK Unspecified Vulnerability (CVE-2022-21476)

Oracle OpenJDK is prone to an unspecified vulnerability in the security-libs/java.security component. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Amazon Corretto Java 17.x < 17.0.3.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Apr-17 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has...

Amazon Corretto Java 8.x < 8.332.08.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.332.08.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2022-Apr-19 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has...

Amazon Corretto Java 18.x < 18.0.1.10.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 18 18.0.1.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-18-2022-Apr-19 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input ha...

Amazon Corretto Java 8.x < 8.312.07.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.312.07.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2021-Oct-19 advisory. - security-libs/javax.net.ssl CVE-2021-35550, CVE-2021-35578, CVE-2021-35603 - client-libs/javax.swing...

Amazon Corretto Java 11.x < 11.0.13.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.13.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2021-Oct-19 advisory. - security-libs/javax.net.ssl CVE-2021-35550, CVE-2021-35578, CVE-2021-35603 -...

Amazon Corretto Java 17.x < 17.0.2.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.2.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Jan-18 advisory. - core-libs/java.io:serialization CVE-2022-21248, CVE-2022-21341 - client-libs/javax.imageio...

Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Service Tester (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Rational Service Tester. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Performance Tester (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Rational Performance Tester. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit...

The vulnerability of the installp and updatep packages in the JRE/SDK of the IBM AIX operating system allows a attacker to manipulate the update process for files such as java.security, java.policy, and javaws.policy.

The vulnerability of the installp and updatep packages in the JRE/SDK of the IBM AIX operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to manipulate the update process for files such as java.security, java.policy, and...

Design/Logic Flaw

A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809...

CVE-2017-1541

A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809...

Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-2658)

The remote Oracle Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2658 advisory. 1:1.7.0.121-2.6.8.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.121-2.6.8.0 - Turn off HotSpot bootstrap to see if it resolves build issues. -...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...