First published: Mon Oct 19 2020(Updated: )
An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-openjdk-1:1.8.0.272.b10-0.el6_10 | 1.8.0-openjdk-1:1.8.0.272.b10-0.el6_10 |
redhat/java | <11-openjdk-1:11.0.9.11-0.el7_9 | 11-openjdk-1:11.0.9.11-0.el7_9 |
redhat/java | <1.8.0-openjdk-1:1.8.0.272.b10-1.el7_9 | 1.8.0-openjdk-1:1.8.0.272.b10-1.el7_9 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7 |
redhat/java | <1.7.1-ibm-1:1.7.1.4.75-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.4.75-1jpp.1.el7 |
redhat/java | <11-openjdk-1:11.0.9.11-0.el8_2 | 11-openjdk-1:11.0.9.11-0.el8_2 |
redhat/java | <1.8.0-openjdk-1:1.8.0.272.b10-1.el8_2 | 1.8.0-openjdk-1:1.8.0.272.b10-1.el8_2 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.20-1.el8_3 | 1.8.0-ibm-1:1.8.0.6.20-1.el8_3 |
redhat/java | <11-openjdk-1:11.0.9.11-0.el8_0 | 11-openjdk-1:11.0.9.11-0.el8_0 |
redhat/java | <1.8.0-openjdk-1:1.8.0.272.b10-0.el8_0 | 1.8.0-openjdk-1:1.8.0.272.b10-0.el8_0 |
redhat/java | <11-openjdk-1:11.0.9.11-0.el8_1 | 11-openjdk-1:11.0.9.11-0.el8_1 |
redhat/java | <1.8.0-openjdk-1:1.8.0.272.b10-0.el8_1 | 1.8.0-openjdk-1:1.8.0.272.b10-0.el8_1 |
debian/openjdk-11 | 11.0.16+8-1~deb10u1 11.0.20+8-1~deb10u1 11.0.20+8-1~deb11u1 11.0.21+9-1 | |
debian/openjdk-8 | 8u382-ga-2 | |
Oracle JDK | =1.7.0-update271 | |
Oracle JDK | =1.8.0-update261 | |
Oracle JDK | =11.0.8 | |
Oracle JDK | =15 | |
Oracle JRE | =1.8.0-update261 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Fedoraproject Fedora | =31 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 | |
openSUSE Leap | =15.2 | |
NetApp 7-Mode Transition Tool | ||
Netapp Active Iq Unified Manager Windows | >=7.3 | |
Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.60.3 | |
Netapp E-series Santricity Storage Manager | ||
Netapp E-series Santricity Web Services Web Services Proxy | ||
Netapp Hci Management Node | ||
NetApp OnCommand Insight | ||
NetApp OnCommand Unified Manager Core Package | ||
Netapp Santricity Cloud Connector | ||
Netapp Santricity Unified Manager | ||
Netapp Snapmanager Oracle | ||
Netapp Snapmanager Sap | ||
Netapp Solidfire | ||
Netapp Hci Storage Node | ||
IBM Cloud Pak for Automation | <=20.0.3-IF002 | |
IBM Cloud Pak for Automation | <=21.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
The severity of CVE-2020-14779 is low with a severity value of 3.7.
The affected software for CVE-2020-14779 is Java SE and Java SE Embedded.
CVE-2020-14779 is a difficult to exploit vulnerability that allows an unauthenticated attacker with network access.
To fix CVE-2020-14779, update to the recommended versions of Java SE: 7u271, 8u261, 11.0.8, or 15.
You can find more information about CVE-2020-14779 on the Oracle website: [link1], [link2], [link3].