Lucene search

K

Veracode Vulnerability DatabaseVERACODE:22305

HistoryJan 17, 2020 - 1:47 a.m.

Denial Of Service (DoS)

2020-01-1701:47:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

15

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

OpenJDK is vulnerable to denial of service (DoS). The vulnerability exists due to an incorrect exception during deserialization in BeanContextSupport.

CPENameOperatorVersion
java-11-openjdkeq11.0.5.10__2.el8_1
java-11-openjdkeq11.0.4.11__0.el7_6
java-11-openjdkeq11.0.2.7__0.el7_6
java-11-openjdkeq11.0.5.10__0.el7_7
java-11-openjdkeq11.0.5.10__0.el8_0
java-11-openjdkeq11.0.3.7__2.el8_0
java-11-openjdkeq11.0.1.13__3.el7_6
java-11-openjdkeq11.0.4.11__1.el7_7
java-11-openjdkeq11.0.3.7__1.el7
java-11-openjdkeq11.0.2.7__2.el8

Rows per page:

1-10 of 801

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html

lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html

access.redhat.com/errata/RHSA-2020:0122

access.redhat.com/errata/RHSA-2020:0128

access.redhat.com/errata/RHSA-2020:0157

access.redhat.com/errata/RHSA-2020:0196

access.redhat.com/errata/RHSA-2020:0202

access.redhat.com/errata/RHSA-2020:0231

access.redhat.com/errata/RHSA-2020:0232

access.redhat.com/errata/RHSA-2020:0465

access.redhat.com/errata/RHSA-2020:0467

access.redhat.com/errata/RHSA-2020:0468

access.redhat.com/errata/RHSA-2020:0469

access.redhat.com/errata/RHSA-2020:0470

access.redhat.com/errata/RHSA-2020:0541

access.redhat.com/errata/RHSA-2020:0632

access.redhat.com/security/updates/classification/#important

kc.mcafee.com/corporate/index?page=content&id=SB10315

lists.debian.org/debian-lts-announce/2020/02/msg00034.html

seclists.org/bugtraq/2020/Feb/22

seclists.org/bugtraq/2020/Jan/24

security.gentoo.org/glsa/202101-19

security.netapp.com/advisory/ntap-20200122-0003/

usn.ubuntu.com/4257-1/

www.debian.org/security/2020/dsa-4605

www.debian.org/security/2020/dsa-4621

www.oracle.com/security-alerts/cpujan2020.html

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

Related for VERACODE:22305

symantec1 cve1 osv4 ibm59 prion1 redhatcve1 debiancve1 alpinelinux1 ubuntucve1 f51 redhat15 openvas26 nessus62 suse2 centos5 amazon4 oraclelinux7 debian3 mageia1 ubuntu1 kaspersky1 gentoo1