What is the severity of REDHAT-BUG-1790444?

The severity of REDHAT-BUG-1790444 is assessed as critical due to the potential for resource exhaustion attacks.

How do I fix REDHAT-BUG-1790444?

To fix REDHAT-BUG-1790444, upgrade to the latest patched version of OpenJDK provided by your vendor.

What impact does REDHAT-BUG-1790444 have on my application?

REDHAT-BUG-1790444 may enable attackers to cause excessive resource usage in Java applications when crafting specific malicious inputs.

Is my version of OpenJDK vulnerable to REDHAT-BUG-1790444?

Versions of OpenJDK that are not updated with the latest security patches may be vulnerable to REDHAT-BUG-1790444.

What types of applications are affected by REDHAT-BUG-1790444?

Any Java application utilizing the BeanContextSupport class in OpenJDK during deserialization processes may be affected by REDHAT-BUG-1790444.

Vulnerability/
REDHAT-BUG-1790444

low

13/1/2020

17/3/2020

REDHAT-BUG-1790444

First published: Mon Jan 13 2020(Updated: )

A flaw was found in the what the BeanContextSupport class in the Serialization component of OpenJDK handled exceptions during deserialization. A specially-crafted input could cause a Java application to use an excessive amount of resources when deserialized.

Affected Software	Affected Version	How to fix
OpenJDK

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-1790444?
The severity of REDHAT-BUG-1790444 is assessed as critical due to the potential for resource exhaustion attacks.
How do I fix REDHAT-BUG-1790444?
To fix REDHAT-BUG-1790444, upgrade to the latest patched version of OpenJDK provided by your vendor.
What impact does REDHAT-BUG-1790444 have on my application?
REDHAT-BUG-1790444 may enable attackers to cause excessive resource usage in Java applications when crafting specific malicious inputs.
Is my version of OpenJDK vulnerable to REDHAT-BUG-1790444?
Versions of OpenJDK that are not updated with the latest security patches may be vulnerable to REDHAT-BUG-1790444.
What types of applications are affected by REDHAT-BUG-1790444?
Any Java application utilizing the BeanContextSupport class in OpenJDK during deserialization processes may be affected by REDHAT-BUG-1790444.

agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2020-2583
agent/severity
agent/references
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/openjdk
canonical/openjdk

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.