MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.372.b07-1.el7 (AXSA:2023-5312:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5312:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.272.b10-1.el7 (AXSA:2020-822:18)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-822:18 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

MGASA-2023-0272 Updated java packages fix security vulnerabilities

The updated packages fix security vulnerabilities and a file conflict : Improper connection handling during TLS handshake. CVE-2023-21930 Incorrect enqueue of references in garbage collector. CVE-2023-21954 Certificate validation issue in TLS session negotiation. CVE-2023-21967 Swing HTML parsing...

RHEL 7 : java-1.7.1-ibm (RHSA-2020:5586)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5586 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

Moderate: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Updated java-1.8.0-openjdk packages fix security vulnerabilities

High memory usage during deserialization of Proxy class with many interfaces. CVE-2020-14779 Credentials sent over unencrypted LDAP connection. CVE-2020-14781 Certificate blacklist bypass via alternate certificate encodings. CVE-2020-14782 Integer overflow leading to out-of-bounds access...

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20201027)

Security Fixes : - OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 - OpenJDK: Certificate blacklist bypass via alternate certificate encodings Libraries, 8237995 CVE-2020-14782 - OpenJDK: Integer overflow leading to out-of-bounds access Hotspot, 8241114...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

Authorization Bypass

OpenJDK is vulnerable to authorization bypass. The vulnerability exists through a missing permission check in path to URI conversion...

Scientific Linux Security Update : java-11-openjdk on SL7.x x86_64 (20201022)

Security Fixes : - OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 - OpenJDK: Certificate blacklist bypass via alternate certificate encodings Libraries, 8237995 CVE-2020-14782 - OpenJDK: Integer overflow leading to out-of-bounds access Hotspot, 8241114...

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...