56232 matches found
Astra Linux - уязвимость в libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to execute arbitrary code by manipulating the processed input stream. However, users who followed the recommendations to set up XStream’s...
Astra Linux - уязвимость в junit4
In JUnit 4, versions starting from 4.7 and before 4.13.1, the TemporaryFolder test rule contains a local information disclosure vulnerability. On Unix-like systems, the system’s temporary directory is shared among all users on that system. As a result, when files and directories are written to th...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Scripting. The supported versions affected by this vulnerability are Oracle Java SE: 8u451, 8u451-perf, and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. The vulnerability is...
Astra Linux - уязвимость в openjdk-11
A vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1...
Astra Linux - уязвимость в openjdk-11
Vulnerability in Oracle Java SE component: Hotspot. The supported versions affected include Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, and 23. This vulnerability can be exploited by an unauthenticated attacker with network access via multiple protocols, allowing them to compromi...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows an unauthenticat...
Astra Linux – Vulnerability in openjdk-11
A vulnerability exists in the Oracle Java SE and Oracle GraalVM Enterprise Edition products developed by Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...
Astra Linux - уязвимость в libjettison-java
Those who use Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser runs on user-supplied input, an attacker may provide content that causes the parser to crash due to out-of-memory conditions. This vulnerability could potentially allow for...
Astra Linux - уязвимость в libxstream-java
XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Java SE, Java SE Embedded, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability include Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition:...
Astra Linux - уязвимость в libxml-security-java
All versions of Apache Santuario – XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to a issue where the “secureValidation” property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to exploit an XPath Transform to extract any...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in Oracle Java SE Component: Compiler. The supported versions affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. This vulnerability is difficult to exploit, allowing an unauthenticated attacker with network access via multiple protocols to compromise...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Serialization. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2, an...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. The supported versions affected by this vulnerability are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This vulnerability is difficult to exploit; an...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, and Oracle GraalVM for JDK products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JSSE. The supported versions affected by this vulnerability are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Orac...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JSSE. The supported versions affected by this vulnerability include Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5, and 22.3.1...
Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2026-1688)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1688 advisory. Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files...
com.squareup.wire:com.squareup.wire.gradle.plugin (>=7.0.0-alpha01 <=7.0.0-alpha02), com.squareup.wire:wire-compiler (>=7.0.0-alpha01 <=7.0.0-alpha02) +11 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime-jvm (>=7.0.0-alpha01 <=7.0.0-alpha02)
com.squareup.wire:wire-runtime-jvm MAVEN version =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha02 Source...