MiracleLinux 8 : java-11-openjdk-11.0.9.11-0.el8 (AXSA:2020-784:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-784:09 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

PT-2024-18131 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 2.9.3 Description: A path traversal issue exists in the artifact deletion functionality of the mlflow repository. This is due to an extra unquote operation in the delete artifacts function of local artifact repo.py,...

Updated java packages fix security vulnerabilities

The updated packages fix security vulnerabilities and a file conflict : Improper connection handling during TLS handshake. CVE-2023-21930 Incorrect enqueue of references in garbage collector. CVE-2023-21954 Certificate validation issue in TLS session negotiation. CVE-2023-21967 Swing HTML parsing...

OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

RLSA-2023:4178 Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 8304468...

java-1.8.0-openjdk security and bug fix update

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...

RLSA-2023:4176 Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 8304468...

java-1.8.0-openjdk: Fix of 2 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs: - CVE-2023-22045: Array indexing integer overflow issue. 8304468 - CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion 8305312 - Remove patch for pkcs11 cause issue was fixed in...

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : java-1.8.0-ibm (RHSA-2023:4160)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4160 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

java-17-openjdk security and bug fix update

1:17.0.8.0.7-2.0.1 - OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 - OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 - OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 - harfbuzz: OpenJDK: On^2 growth via consecutive...

java-17-openjdk security and bug fix update

1:17.0.8.0.7-2.0.1 - OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 - OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 - OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 - harfbuzz: OpenJDK: On^2 growth via consecutive...

RHEL 7 : java-11-openjdk (RHSA-2023:4233)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4233 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

Moderate: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...