SUSE SLED15: java-11-openjdk / java-11-openjdk-accessibility / etc (SUSE-SU-2022:2707-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2707-1 advisory. Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenJDK vulnerabilities (USN-5546-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5546-1 advisory. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to...

Ubuntu 16.04 ESM : OpenJDK 8 vulnerabilities (USN-5546-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5546-2 advisory. USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Tenable has extracted the preceding...

SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2022:2650-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2650-1 advisory. Update to Java 8.0 Service Refresh 7 Fix Pack 10 bsc1201643 - CVE-2022-21476 bsc1198671, CVE-2022-21449 bsc1198670,...

SUSE SLED15: java-17-openjdk / java-17-openjdk-accessibility / etc (SUSE-SU-2022:2660-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2660-1 advisory. Update to upstream tag jdk-17.0.4+8 July 2022 CPU - CVE-2022-21540: Improve class compilation...

OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2022:2610-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2610-1 advisory. Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance...

BSA-2022-1691

Security Advisory ID : BSA-2022-1691 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition...

BSA-2022-1693

Security Advisory ID : BSA-2022-1693 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition:...

BSA-2022-1688

Security Advisory ID : BSA-2022-1688 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise...

BSA-2022-2025

Security Advisory ID : BSA-2022-2025 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition:...

BSA-2022-1689

Security Advisory ID : BSA-2022-1689 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3...

BSA-2022-1694

Security Advisory ID : BSA-2022-1694 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 an...

BSA-2022-1738

Security Advisory ID : BSA-2022-1738 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise...

BSA-2022-2026

Security Advisory ID : BSA-2022-2026 Component : Oracle Java SE Revision : 1.0 GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. Affected Products Brocade SANnav versions before v2.2.1...

BSA-2022-1690

Security Advisory ID : BSA-2022-1690 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Keytool. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise...

OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to...

OpenJDK: random exponentials issue (Libraries, 8283875)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated...

OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to...

OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to...