2272 matches found
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
EulerOS 2.0 SP5 : libXfont (EulerOS-SA-2019-2539)
According to the versions of the libXfont package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection c...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
GHSA-RH46-3FGC-MVRF Validation bypass is possible in Json Pattern Validator
In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...
Validation bypass is possible in Json Pattern Validator
In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...
CVE-2019-19507
In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...
CVE-2019-19507
In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...
CVE-2019-19507
In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...
CVE-2019-19507
CVE-2019-19507 affects jpv (Json Pattern Validator) prior to version 2.1.1. The vulnerability arises in compareCommon(), where internal attributes can be overwritten via a conflicting property name (e.g., constructor: { name: 'Array' }), allowing an attacker to bypass validation logic and manipul...
SUSE-SU-2019:3083-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Security issues fixed October 2019 CPU bsc1154212: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes -...
openSUSE Security Update : java-11-openjdk (openSUSE-2019-2565)
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues : Security issues fixed October 2019 CPU bsc1154212: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Bett...
openSUSE Security Update : java-11-openjdk (openSUSE-2019-2557)
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues : Security issues fixed October 2019 CPU bsc1154212: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Bett...
Security update for java-11-openjdk (important)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:2557-1 Rating: important References: 1152856 1154212 Cross-References: CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20191016)
Security Fixes : - OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 - OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn Scripting, 8223518 CVE-2019-2975 - OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...