CentOS 7 : java-1.8.0-openjdk (RHSA-2023:0203)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0203 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that ar...

Debian DSA-5331-1 : openjdk-11 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5331 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are...

Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2023-0208)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0208 advisory. 1:1.8.0.362.b09-2 - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 GA - Update release notes for...

K000132263: OpenJDK vulnerability CVE-2023-21843

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...

RHEL 9 : java-1.8.0-openjdk (RHSA-2023:0210)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0210 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

RHEL 8 : java-1.8.0-openjdk (RHSA-2023:0208)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0208 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

K000132230: Java SE vulnerability CVE-2023-21835

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily...

Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2023-279)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-279 advisory. Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in. CVE-2023-21830 Better Banking of Sounds: JARSoundbankReader can load classes...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.2)

The version of AOS installed on the remote host is prior to 6.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.2 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection ...

Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2023-280)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-280 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load...

Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2023-281)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-281 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens opportunities for DoS. CVE-2023-21835 Better Banking of Sounds: JARSoundbankReader can load...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.6)

The version of AOS installed on the remote host is prior to 6.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.6 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc...

RHEL 7 : java-1.8.0-openjdk (RHSA-2023:0203)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0203 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

RHEL 8 : java-1.8.0-openjdk (RHSA-2023:0205)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0205 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

OpenJDK 7 <= 7u361 / 8 <= 8u352 / 11.0.0 <= 11.0.17 / 13.0.0 <= 13.0.13 / 15.0.0 <= 15.0.9 / 17.0.0 <= 17.0.5 / 19.0.0 <= 19.0.1 Multiple Vulnerabilities (2023-01-17

The version of OpenJDK installed on the remote host is prior to 7 = 7u361 / 8 = 8u352 / 11.0.0 = 11.0.17 / 13.0.0 = 13.0.13 / 15.0.0 = 15.0.9 / 17.0.0 = 17.0.5 / 19.0.0 = 19.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-01-17 advisory. Please Note: Java CVE...

RHEL 9 : java-1.8.0-openjdk (RHSA-2023:0209)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0209 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

RHEL 8 : java-1.8.0-openjdk (RHSA-2023:0207)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0207 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2023-1918)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.18+10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1918 advisory. Enhance DTLS performance: DTLS does not avail itself of the HelloVerifyRequest message which opens...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2023-0203)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0203 advisory. 1:1.8.0.362.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes ...

SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:1026-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1026-1 advisory. Update Java 8.0 to Service Refresh 7 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366,...