Authorization Bypass

🗓️ 17 Jul 2020 06:05:56Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 27 Views

openjdk vulnerability authorization bypass with incomplete bounds check

Reporter	Title	Published	Views	Family All 338
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i	28 Sep 202015:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oracle Jul 2020 CPU plus one additional vulnerability and Oracle deferred from Jan 2020	13 Feb 202100:52	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel and Java affect IBM Spectrum Protect Plus	3 Mar 202121:46	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerability has been identified in Oracle Java shipped with IBM® Intelligent Operations Center	11 Feb 202115:20	–	ibm
IBM Security Bulletins	Security Bulletin: July 2020 Critical Patch Update for Java	9 Dec 202016:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability	13 Jan 202118:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM® Java SDK that affect IBM Security Directory Suite	16 Mar 202120:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability	8 Oct 202012:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server	24 Mar 202120:02	–	ibm

Vulners

Node

openjdk11 openjdk11Match11.0.7_p10-r1os

AND

alpinelinux alpine_linuxMatch3.12

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

alpinelinux alpine_linuxMatch3.12

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.11

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.10

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.11

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.10

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.8

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.7

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.9

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

openjdk7 openjdk7Match7.221.2.6.18-r1os

AND

alpinelinux alpine_linuxMatchedge

openjdk11 openjdk11Match11.0.7_p10-r1os

AND

openjdk11 openjdk11Match11.0.6_p10-r0os

AND

openjdk11 openjdk11Match11.0.6_p10-r1os

AND

alpinelinux alpine_linuxMatchedge

openjdk8 openjdk8Match8.242.08-r0os

AND

openjdk8 openjdk8Match8.242.08-r2os

AND

openjdk8 openjdk8Match8.242.08-r1os

AND

alpinelinux alpine_linuxMatchedge

java-11-openjdk java-11-openjdkMatch11.0.2.7_2.el8

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.6.10_0.el8_1

java-11-openjdk java-11-openjdkMatch11.0.3.7_2.el8_0

java-11-openjdk java-11-openjdkMatch11.0.5.10_2.el8_1

java-11-openjdk java-11-openjdkMatch11.0.6.10_4.el8

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.8.1_0.1.ea.el8

java-11-openjdk java-11-openjdkMatch11.0.7.10_1.el8_1

java-11-openjdk java-11-openjdkMatch11.0.ea.28_7.el7

java-11-openjdk java-11-openjdkMatch11.0.3.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.1.13_3.el7_6

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el7_7

java-11-openjdk java-11-openjdkMatch11.0.6.10_1.el7_7

java-11-openjdk java-11-openjdkMatch11.0.6.10_3.el7

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.4.11_1.el7_7

java-11-openjdk java-11-openjdkMatch11.0.2.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.7.10_4.el7_8

java-11-openjdk java-11-openjdkMatch11.0.3.7_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_4.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el8_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_0.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_3.el8_2

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_7.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el8_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_7.b13.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b03_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el7_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_7.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_2.b17.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_0.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_30.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7_4

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_1.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_7.b10.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.60_2.b27.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_1.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_3.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.151_1.b12.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b07_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.131_0.b11.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_1.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_0.b14.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_1.b17.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.20_3.b26.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_3.b14.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.144_0.b01.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_1.b14.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_0.b17.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_3.b17.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_1.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_1.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_0.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_28.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.101_3.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_0.b16.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_2.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_3.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_3.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_0.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.71_1.b15.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_35.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.77_0.b03.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_3.b14.el6_9

java-1.7.1-ibm java-1.7.1-ibmMatch1.7.1.4.1_1jpp.1.el6_8

java-1.7.1-ibm java-1.7.1-ibmMatch1.7.1.3.40_1jpp.1.el6_7

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2020/08/msg00021.html
access	www.access.redhat.com/security/updates/classification/
access	www.access.redhat.com/errata/RHSA-2020:2970
debian	www.debian.org/security/2020/dsa-4734
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/

07 Nov 2023 23:29Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.17.4

CVSS 24.3

EPSS0.00409

SSVC