First published: Sun Jul 16 2023(Updated: )
An unspecified vulnerability in Java SE related to the VM component could allow a local attacker to cause high confidentiality impacts.
Credit: secalert_us@oracle.com secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle GraalVM | =20.3.10 | |
Oracle GraalVM | =21.3.6 | |
Oracle GraalVM | =22.3.2 | |
Oracle GraalVM for JDK | =17.0.7 | |
Oracle GraalVM for JDK | =20.0.1 | |
Oracle JDK | =1.8.0-update371 | |
Oracle JDK | =11.0.19 | |
Oracle JDK | =17.0.7 | |
Oracle JDK | =20.0.1 | |
Oracle JRE | =1.8.0-update371 | |
Oracle JRE | =11.0.19 | |
Oracle JRE | =17.0.7 | |
Oracle JRE | =20.0.1 | |
Debian Debian Linux | =11.0 | |
Debian Debian Linux | =12.0 | |
ubuntu/openjdk-lts | <11.0.20+8-1ubuntu1~18.04 | 11.0.20+8-1ubuntu1~18.04 |
ubuntu/openjdk-lts | <11.0.20+8-1ubuntu1~20.04 | 11.0.20+8-1ubuntu1~20.04 |
ubuntu/openjdk-lts | <11.0.20+8-1ubuntu1~22.04 | 11.0.20+8-1ubuntu1~22.04 |
ubuntu/openjdk-lts | <11.0.20+8-1ubuntu1~23.04 | 11.0.20+8-1ubuntu1~23.04 |
ubuntu/openjdk-17 | <17.0.8+7-1~18.04 | 17.0.8+7-1~18.04 |
ubuntu/openjdk-17 | <17.0.8+7-1~20.04.2 | 17.0.8+7-1~20.04.2 |
ubuntu/openjdk-17 | <17.0.8+7-1~22.04 | 17.0.8+7-1~22.04 |
ubuntu/openjdk-17 | <17.0.8+7-1~23.04 | 17.0.8+7-1~23.04 |
ubuntu/openjdk-20 | <20.0.2+9+ | 20.0.2+9+ |
debian/openjdk-11 | <=11.0.16+8-1~deb10u1 | 11.0.22+7-1~deb10u1 11.0.22+7-1~deb11u1 11.0.22+7-2 |
debian/openjdk-17 | 17.0.10+7-1~deb11u1 17.0.10+7-1~deb12u1 17.0.10+7-1 | |
IBM Cloud Pak for Business Automation | <=V23.0.1 - V23.0.1-IF002 | |
IBM Cloud Pak for Business Automation | <=V21.0.3 - V21.0.3-IF024 | |
IBM Cloud Pak for Business Automation | <=V22.0.2 - V22.0.2-IF006 and later fixesV22.0.1 - V22.0.1-IF006 and later fixesV21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes | |
Debian Debian Linux | =10.0 | |
NetApp 7-Mode Transition Tool | ||
Netapp Active Iq Unified Manager Vmware Vsphere | ||
Netapp Active Iq Unified Manager Windows | ||
Netapp Cloud Insights Acquisition Unit | ||
Netapp Cloud Insights Storage Workload Security Agent | ||
NetApp OnCommand Insight |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-22041 is medium with a severity value of 5.1.
Oracle Java SE versions 8u371-perf, 11.0.19, 17.0.7, and 20.0.1 are affected by CVE-2023-22041.
Oracle GraalVM Enterprise Edition versions 20.3.10, 21.3.6, and 22.3.2 are affected by CVE-2023-22041.
To fix CVE-2023-22041 on Ubuntu 18.04 LTS, update the 'openjdk-lts' package to version 11.0.20+8-1ubuntu1~18.04 or higher.
To fix CVE-2023-22041 on Ubuntu 20.04 LTS, update the 'openjdk-lts' package to version 11.0.20+8-1ubuntu1~20.04 or higher.