RHEL 8 : java-11-openjdk (RHSA-2023:0197)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0197 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

RHEL 8 : java-11-openjdk (RHSA-2023:0200)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0200 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

Oracle Linux 8 : java-11-openjdk (ELSA-2023-0200)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0200 advisory. 1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until...

AlmaLinux 9 : java-11-openjdk (ALSA-2023:0202)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0202 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected a...

RHEL 8 : java-17-openjdk (RHSA-2023:0191)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0191 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...

RHEL 8 : java-11-openjdk (RHSA-2023:0199)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0199 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVE-2023-21843

CVE-2023-21843 is a vulnerability in Oracle Java SE (component: Sound) affecting multiple Oracle Java SE versions (8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1) and Oracle GraalVM Enterprise Edition (20.3.8, 21.3.4, 22.3.0). It allows an unauthenticated attacker with network access via various prot...

CVE-2023-21843

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

CVE-2023-21843

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

CVE-2023-21835

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...

CVE-2023-21835

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...

CVE-2023-21830

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Tivoli System Automation Application Manager (CVE-2017-10356)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation Application Manager. IBM Tivoli System Automation Application Manager has addressed the applicable CVEs. These issues were also addressed by WebSphere Application Server...

PT-2023-3456

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1 Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4, 22.3.0 Description A difficult to exploit vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition...

PT-2023-4769

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u351, 8u351-perf Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4 Description The issue is related to the Serialization component in Oracle Java SE and Oracle GraalVM Enterprise Edition, allowing an...

KLA20166 Multiple vulnerabilities in Oracle Java SE and GraalVM

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in JSSE can be exploited to cause denial of...

Azul Zulu Java Multiple Vulnerabilities (2023-01-17)

The version of Azul Zulu installed on the remote host is prior to 6 6.53.0.12 / 7 7.59.0.18 / 8 8.67.0.22 / 11 11.61.18 / 13 13.53.18 / 15 15.45.18 / 17 17.39.20 / 19 19.32.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-01-17 advisory. - Vulnerability in the...

Security Bulletin: ICP Speech to Text, Text to Speech Oracle Java Vulnerability Fix

Summary An Oracle Java vulnerability has been fixed by a Redhat patch https://access.redhat.com/errata/RHSA-2020:0202, included in ICP Watson Text to Speech, Speech to Text v1.1.2 6/19/20. Vulnerability Details CVEID:CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to th...

OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit...

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...