Amazon Corretto Java 8.x < 8.492.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 8 prior to 8.492.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2026-Apr-21 advisory. - An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions...

OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

RHEL 5 : java-1.4.2-ibm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenJDK: InetSocketAddress serialization issue Networking, 7201071 CVE-2013-0433 - Oracle JDK 7: bypass o...

RHEL 6 : oracle_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 Security CVE-2018-2783 -...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenJDK 8 vulnerabilities (USN-6528-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6528-1 advisory. It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2023-426)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-426 advisory. 2023-11-09: CVE-2023-22081 was added to this advisory. 2023-11-09: CVE-2023-22067 was added to this advisory. An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSp...

Important: java-1.8.0-openjdk

Issue Overview: An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. CVE-2022-40433 Affected Packages: java-1.8.0-openjdk Issue Correction: Run yum update java-1.8.0-openjdk...

AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2023:5733)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5733 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...

AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2023:5731)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5731 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...

Important: java-1.8.0-openjdk

Issue Overview: An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. CVE-2022-40433 Affected Packages: java-1.8.0-openjdk Note: This advisory is applicable to Amazon Linux 2...

Code injection

An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special circumstance...

CVE-2022-40433

DISPUTED An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special...

CVE-2022-40433

CVE-2022-40433 is rejected by its CNA as not a security issue.

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2023:3287-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3287-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK...

PT-2023-13790 · Oracle +5 · Oracle Jdk +5

Name of the Vulnerable Software and Affected Versions: Oracle JDK HotSpot VM versions 11 through 17 OpenJDK HotSpot VM versions 8 through 17 Description: An issue was discovered in the function ciMethodBlocks::make block at, allowing attackers to cause a denial of service. The vendor states that...

Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server October 2013 CPU

Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server Content The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released October 2013 critical patch updates...

Security Bulletin: WebSphere Application Server - IBM SDK for Java June 2013 CPU

Abstract Multiple security vulnerabilites exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server. Content The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released June 2013 critical patch updates CPU...

GLSA-202209-15 : Oracle JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-15 Oracle JDK/JRE: Multiple vulnerabilities - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java S...

Security Bulletin: Potential security vulnerabilities in IBM Java SDK used in IBM System Networking Element Manager

Summary Potential security exposure when using the Java based applications bundled in IBM System Networking Element Manager due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs. Vulnerability Details IBM System Networking Element Manager is bundled with th...

Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013

Summary Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Tivoli Storage Productivity Center. Vulnerability Details IBM Tivoli Storage Productivity Center 5.x and 4.x are shipped with an IBM Java SDK that is based on the Oracle JDK. Oracle released February 2013...