First published: Thu Oct 12 2023
A flaw was found in the PKIX certification path validation algorithm in the JSSE component of OpenJDK. A malicious remote client could use this flaw to craft an X.509 certificate and cause a denial of service in a Java application that processes such a certificate.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/openjdk-17 | <17.0.9+9-1~18.04 | 17.0.9+9-1~18.04 |
ubuntu/openjdk-17 | <17.0.9+9-1~20.04 | 17.0.9+9-1~20.04 |
ubuntu/openjdk-17 | <17.0.9+9-1~22.04 | 17.0.9+9-1~22.04 |
ubuntu/openjdk-17 | <17.0.9+9-1~23.04 | 17.0.9+9-1~23.04 |
ubuntu/openjdk-17 | <17.0.9+9-1~23.10 | 17.0.9+9-1~23.10 |
ubuntu/openjdk-21 | <21.0.1+12-2~22.04 | 21.0.1+12-2~22.04 |
ubuntu/openjdk-21 | <21.0.1+12-2~23.04 | 21.0.1+12-2~23.04 |
ubuntu/openjdk-21 | <21.0.1+12-2~23.10 | 21.0.1+12-2~23.10 |
ubuntu/openjdk-8 | <8 | 8 |
ubuntu/openjdk-lts | <11.0.21+9-0ubuntu1~18.04 | 11.0.21+9-0ubuntu1~18.04 |
ubuntu/openjdk-lts | <11.0.21+9-0ubuntu1~20.04 | 11.0.21+9-0ubuntu1~20.04 |
ubuntu/openjdk-lts | <11.0.21+9-0ubuntu1~22.04 | 11.0.21+9-0ubuntu1~22.04 |
ubuntu/openjdk-lts | <11.0.21+9-0ubuntu1~23.04 | 11.0.21+9-0ubuntu1~23.04 |
ubuntu/openjdk-lts | <11.0.21+9-0ubuntu1~23.10 | 11.0.21+9-0ubuntu1~23.10 |
Oracle GraalVM for JDK | =17.0.8 | |
Oracle GraalVM for JDK | =21 | |
Oracle JDK | =1.8.0-update381 | |
Oracle JDK | =11.0.2 | |
Oracle JDK | =17.0.8 | |
Oracle JDK | =21.0.0 | |
Oracle JRE | =1.8.0-update381 | |
Oracle JRE | =11.0.2 | |
Oracle JRE | =17.0.8 | |
Oracle JRE | =21.0.0 | |
Netapp Cloud Insights Acquisition Unit | ||
Netapp Cloud Insights Storage Workload Security Agent | ||
IBM Cognos Analytics | <=12.0.0-12.0.2 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP3 | |
debian/openjdk-11 | 11.0.23+9-1~deb11u1 11.0.24~7ea-1 | |
debian/openjdk-17 | 17.0.11+9-1~deb11u1 17.0.11+9-1~deb12u1 17.0.12~6ea-1 | |
debian/openjdk-21 | 21.0.4~6ea-1 | |
debian/openjdk-8 | 8u412-ga-1 | |
CVE-2023-22081 is rated medium severity with a score of 5.3.
Oracle Java SE versions 8u381, 8u381-perf, 11.0.20, 17.0.8, and 20.0.2 are affected by CVE-2023-22081.
Oracle GraalVM for JDK versions 17.0.8 and 20.0.2 are affected by CVE-2023-22081.
CVE-2023-22081 is an easily exploitable vulnerability that an unauthenticated remote attacker can use to cause a denial of service in an affected Java application.
You can find more information about CVE-2023-22081 at the following references: [Oracle Security Alerts](https://www.oracle.com/security-alerts/cpuoct2023.html) and [Red Hat Security Advisory RHSA-2023:5742](https://access.redhat.com/errata/RHSA-2023:5742).