2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
3.1 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
62.0%
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of
Oracle Java SE (component: Hotspot). Supported versions that are affected
are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and
21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker
with network access via multiple protocols to compromise Java SE, Oracle
GraalVM Enterprise Edition. Successful attacks require human interaction
from a person other than the attacker. Successful attacks of this
vulnerability can result in unauthorized ability to cause a partial denial
of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition.
Note: This vulnerability applies to Java deployments, typically in clients
running sandboxed Java Web Start applications or sandboxed Java applets,
that load and run untrusted code (e.g., code that comes from the internet)
and rely on the Java sandbox for security. This vulnerability can also be
exploited by using APIs in the specified Component, e.g., through a web
service which supplies data to the APIs. CVSS 3.1 Base Score 3.1
(Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~18.04 | UNKNOWN |
ubuntu | 20.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~20.04 | UNKNOWN |
ubuntu | 21.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.04 | UNKNOWN |
ubuntu | 21.10 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.10 | UNKNOWN |
ubuntu | 16.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~16.04 | UNKNOWN |
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
3.1 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
62.0%