OSV-2022-743 Security exception in org.apache.commons.jxpath.ri.parser.XPathParser.MultiplicativeExpr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50363 Crash type: Security exception Crash state: org.apache.commons.jxpath.ri.parser.XPathParser.MultiplicativeExpr org.apache.commons.jxpath.ri.parser.XPathParser.SubtractiveExpr...

OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

RHEL 7 : java-1.8.0-ibm (RHSA-2019:4115)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4115 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2019-3158)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

java security update

CentOS Errata and Security Advisory CESA-2019:3136 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20191016)

Security Fixes : - OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 - OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn Scripting, 8223518 CVE-2019-2975 - OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. An unexpected exception thrown by XPathParser processing malicious XPath expression allows an attacker to crash the application...

OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...