23 matches found
MiracleLinux 7 : icedtea-web-1.7.1-2.0.1.el7.AXS7 (AXSA:2019-3964:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3964:01 advisory. icedtea-web: path traversal while processing elements of JNLP files results in arbitrary file overwrite CVE-2019-10182 icedtea-web: directory...
PlayStation: PS4 BD-J privilege escalation using nested JAR
A PS4 vulnerability was discovered in the Blu-ray Disc Java BD-J privilege escalation using nested JAR files. The vulnerability was found in the PS4 system software versions 13.00 to the latest version 13.02. The vulnerability was caused by a discrepancy between the security policy's path...
Linux Distros Unpatched Vulnerability : CVE-2024-38807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be...
GHSA-7CJ3-X93G-GJ76 Signature forgery in Spring Boot's Loader
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
UBUNTU-CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807 CVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's Loader
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
CVE-2024-38807 describes a signature forgery vulnerability in VMware Spring Boot/loader components where signature verification of nested JARs can be bypassed, enabling content signed by one signer to appear signed by another. The NVD summary matches this description. Connected advisories identif...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Denial Of Service
OpenJDK is vulnerable to denial of service DoS. It is due to an incorrect handling of nested jar: URLs in Jar URL handler...