Improper Input Validation

2021-10-2621:53:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

JSON

Java SE is vulnerable to improper input validation. an attacker can gain access to sensitive information through the JSSE component in the oracle GraalVM enterprise edition

CPENameOperatorVersion
java-1.8.0-openjdkeq1.8.0.292.b10__1.el7_9
java-1.8.0-openjdkeq1.8.0.201.b09__2.el8
java-1.8.0-openjdkeq1.8.0.161__2.b14.el7
java-1.8.0-openjdkeq1.8.0.302.b08__0.el8_4
java-1.8.0-openjdkeq1.8.0.65__2.b17.ael7b_1
java-1.8.0-openjdkeq1.8.0.265.b01__3.el8
java-1.8.0-openjdkeq1.8.0.282.b07__0.1.ea.el8
java-1.8.0-openjdkeq1.8.0.275.b01__1.el8_3
java-1.8.0-openjdkeq1.8.0.252.b09__2.el7_8
java-1.8.0-openjdkeq1.8.0.265.b01__4.el8

Name	Operator	Version
java-1.8.0-openjdk	eq	1.8.0.292.b10__1.el7_9
java-1.8.0-openjdk	eq	1.8.0.201.b09__2.el8
java-1.8.0-openjdk	eq	1.8.0.161__2.b14.el7
java-1.8.0-openjdk	eq	1.8.0.302.b08__0.el8_4
java-1.8.0-openjdk	eq	1.8.0.65__2.b17.ael7b_1
java-1.8.0-openjdk	eq	1.8.0.265.b01__3.el8
java-1.8.0-openjdk	eq	1.8.0.282.b07__0.1.ea.el8
java-1.8.0-openjdk	eq	1.8.0.275.b01__1.el8_3
java-1.8.0-openjdk	eq	1.8.0.252.b09__2.el7_8
java-1.8.0-openjdk	eq	1.8.0.265.b01__4.el8