Latest netapp cloud secure agent Vulnerabilities

CVE-2022-21626
An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown atta...
IBM Cloud Pak for Business Automation<=V22.0.2
IBM Cloud Pak for Business Automation<=V21.0.3 - V21.0.3-IF016
IBM Cloud Pak for Business Automation<=V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes
Oracle GraalVM=20.3.7
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
and 24 more
CVE-2022-21624
An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown att...
IBM Cognos Command Center<=10.2.4.1
Oracle GraalVM=20.3.7
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
Oracle JDK=1.8.0-update341
Oracle JDK=1.8.0-update345
and 28 more
CVE-2022-21628
Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a den...
IBM Cloud Pak for Business Automation<=V22.0.2
IBM Cloud Pak for Business Automation<=V21.0.3 - V21.0.3-IF016
IBM Cloud Pak for Business Automation<=V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes
Oracle GraalVM=20.3.7
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
and 30 more
CVE-2022-21618
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalV...
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
Oracle JDK=17.0.4.1
Oracle JDK=19
Oracle JRE=17.0.4.1
Oracle JRE=19
and 16 more
CVE-2022-21619
An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown att...
IBM Cloud Pak for Business Automation<=V22.0.2
IBM Cloud Pak for Business Automation<=V21.0.3 - V21.0.3-IF016
IBM Cloud Pak for Business Automation<=V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes
Oracle GraalVM=20.3.7
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
and 30 more
CVE-2022-39399
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, ...
Oracle GraalVM=20.3.7
Oracle GraalVM=21.3.3
Oracle GraalVM=22.2.0
Oracle JDK=11.0.16.1
Oracle JDK=17.0.4.1
Oracle JDK=19
and 20 more
CVE-2022-2764
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK fr...
redhat/eap7-undertow<0:2.2.20-1.SP1_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.20-1.SP1_redhat_00001.1.el9ea
redhat/eap7-undertow<0:2.2.20-1.SP1_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
and 13 more
CVE-2022-21540
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown atta...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 155 more
CVE-2022-21549
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle Graal...
debian/openjdk-17
Oracle GraalVM=21.3.2
Oracle GraalVM=22.1.0
Oracle JDK=17.0.3.1
Oracle JRE=17.0.3.1
Azul Zulu=17.34
and 12 more
CVE-2022-21541
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 154 more
CVE-2022-34169
Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
debian/bcel<=6.2-1
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
maven/xalan:xalan<2.7.3
Apache Xalan-Java<=2.7.2
and 158 more
CVE-2022-22970
A flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a denial of service (DoS) attack if they rely on data binding to set a MultipartFile or javax.servlet.Part...
redhat/springframework<5.3.20
redhat/springframework<5.2.22
maven/org.springframework:spring-beans>=5.3.0<5.3.20
maven/org.springframework:spring-beans<=5.2.21.RELEASE
VMware Spring Framework<=5.2.21
VMware Spring Framework>=5.3.0<=5.3.19
and 8 more
CVE-2022-22971
A flaw was found in Spring Framework Applications. Applications that use STOMP over the WebSocket endpoint are vulnerable to a denial of service attack caused by an authenticated user.
redhat/springframework<5.3.20
redhat/springframework<5.2.22
maven/org.springframework:spring-messaging<=5.2.21.RELEASE
maven/org.springframework:spring-messaging>=5.3.0<5.3.20
VMware Spring Framework>=5.2.0<=5.2.21
VMware Spring Framework>=5.3.0<=5.3.19
and 4 more
CVE-2022-21496
An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 48 more
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14,...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_1
and 168 more
CVE-2022-21434
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 54 more
CVE-2022-21443
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 50 more
CVE-2022-21426
An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack v...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.8.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
and 52 more
CVE-2022-22968
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively...
redhat/Spring Framework<5.3.19
redhat/Spring Framework<5.2.21
maven/org.springframework:spring-context<5.2.21
maven/org.springframework:spring-context>=5.3.0<5.3.19
VMware Spring Framework<5.2.0
VMware Spring Framework>=5.2.0<=5.2.20
and 10 more
CVE-2022-1319
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failur...
redhat/eap7-undertow<0:2.2.17-2.SP4_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.17-2.SP4_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el8
redhat/rh-sso7<0:1-5.el9
redhat/rh-sso7-javapackages-tools<0:6.0.0-7.el9
and 16 more
CVE-2022-1259
A flaw was found in Undertow where a potential security issue in flow control handling by browser over HTTP/2 may potentially cause overhead or DOS in the server. The highest impact of this vulnerabil...
redhat/eap7-undertow<0:2.2.19-1.SP2_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.19-1.SP2_redhat_00001.1.el9ea
redhat/eap7-undertow<0:2.2.19-1.SP2_redhat_00001.1.el7ea
IBM Watson Knowledge Catalog on-prem<=4.x
Redhat Build Of Quarkus
Redhat Integration Camel K
and 12 more
CVE-2022-21271
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13;...
Oracle GraalVM=20.3.4
Oracle GraalVM=21.3.0
Oracle HTTP Server=12.2.1.3.0
Oracle HTTP Server=12.2.1.4.0
Oracle JDK=1.7.0-update321
Oracle JDK=1.8.0-update311
and 21 more
CVE-2022-21340
A flaw was found in the way the Attributes class in the Libraries component of OpenJDK performed reading of attributes with very long values from JAR file manifests. A specially-crafted JAR archive co...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21248
An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability imp...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 165 more
CVE-2022-21365
An integer overflow flaw was found in the fix applied to the BMPImageReader class implementation in the ImageIO component of OpenJDK to address the <a href="https://access.redhat.com/security/cve/CVE-...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21341
An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21305
A flaw was found in the way the Hotspot component of OpenJDK handled array indexes on 64-bit x86 platform. A large index could trigger a displacement overflow in LIRGenerator::emit_array_address, poss...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21291
A flaw was found in the way the Hotspot component of OpenJDK processed classes with _fields that needed to be written to in Rewriter::scan_method(). A specially-crafted Java class file could use this ...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 37 more
CVE-2022-21366
A flaw was found in the way the TIFFFaxDecompressor, TIFFLZWDecompressor, and TIFFPackBitsDecompressor classes implementations in the ImageIO component of OpenJDK handled memory allocations when proce...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 32 more
CVE-2022-21360
A flaw was found in the way the BMPImageReader class implementation in the ImageIO component of OpenJDK preformed memory allocations when reading palette information from BMP images. A specially-craft...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21277
A flaw was found in the way the TIFFNullDecompressor class implementation in the ImageIO component of OpenJDK performed reading of uncompressed TIFF files. A specially-crafted TIFF image could cause t...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 32 more
CVE-2022-21299
A flaw was found in the way the XMLEntityScanner and XML11EntityScanner classes in the JAXP component of OpenJDK handled and normalized newlines in XML entities. A specially-crafted XML document could...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
and 166 more
CVE-2022-21296
It was discovered that the XMLEntityManager class implementation in the JAXP component of OpenJDK did not properly perform access checks. A Java application using SAX XML parser in certain configurati...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21282
It was discovered that the TransformerImpl class implementation in the JAXP component of OpenJDK did not properly check access restrictions when performing URI resolution. This could possibly lead to ...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21294
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21293
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 164 more
CVE-2022-21283
A flaw was found in the Pattern class implementation in the Libraries component of OpenJDK. A specially crated input could cause the Pattern class to raise an unexpected exception while performing reg...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 157 more
CVE-2021-44228
Apache Log4j2 Remote Code Execution Vulnerability
debian/apache-log4j1.2
debian/apache-log4j2
debian/apache-log4j2<=2.13.3-1<=2.7-2<=2.11.1-2
Apple Xcode<13.3
Apache Log4j2
redhat/log4j<2.15.0
and 429 more
CVE-2021-3859
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.
redhat/eap7-undertow<0:2.0.41-2.SP2_redhat_00001.1.el6ea
redhat/eap7-undertow<0:2.0.41-2.SP2_redhat_00001.1.el7ea
redhat/eap7-undertow<0:2.0.41-2.SP2_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.13-1.SP2_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.13-1.SP2_redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:15.0.4-1.redhat_00003.1.el7
and 10 more
CVE-2021-21290
### Impact When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. The CVSSv3.1 ...
maven/io.netty:netty<4.0.0
maven/org.jboss.netty:netty<4.0.0
maven/io.netty:netty-codec-http>=4.0.0<4.1.59.Final
redhat/qpid-proton<0:0.33.0-6.el7_9
redhat/qpid-proton<0:0.33.0-8.el8
redhat/eap7-artemis-wildfly-integration<0:1.0.4-1.redhat_00001.1.el6ea
and 91 more
CVE-2020-14664
Oracle Java Runtime Environment HTML Rendering Out-Of-Bounds Write Remote Code Execution Vulnerability
Oracle Java Runtime Environment
Oracle JDK=1.8.0-update251
Oracle JRE=1.8.0-update251
NetApp 7-Mode Transition Tool
Netapp Active Iq Unified Manager Windows>=7.3
Netapp Active Iq Unified Manager Vsphere>=9.5
and 13 more
CVE-2020-14577
A flaw was found in the way the JSSE component of OpenJDK performed TLS server name verification. The HostnameChecker class did not check if names stored in TLS server's X.509 certificate are in the ...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
and 56 more
CVE-2020-14581
An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the 2D component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiali...
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
and 54 more
CVE-2020-14556
A flaw was found in the way the ForkJoinPool class in the Libraries component of OpenJDK handled its access control context. This could possibly lead to code being executed with incorrect permissions...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.8.10-0.el8_2
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el8_2
and 53 more
CVE-2020-14579
A flaw was found in the DerValue class in the Libraries component of OpenJDK. An incorrect implementation of the DerValue.equals() method could cause the class to raise an exception not declared to b...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el8_2
and 46 more
CVE-2020-14593
A flaw was found in the way the imaging library in the 2D component of OpenJDK performed affine transformations of images. An untrusted Java application or applet could use this flaw to bypass certai...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
and 56 more
CVE-2020-14578
A flaw was found in the DerInputStream class in the Libraries component of OpenJDK. A DER (Distinguished Encoding Rules) encoded input using indefinite length encoding not supported by the DerInputSt...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el8_2
and 46 more
CVE-2020-14621
A flaw was found in the way the XMLSchemaValidator class in the JAXP component of OpenJDK enforced the "use-grammar-pool-only" feature. A specially-crafted XML file could possibly use this flaw to ma...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
and 68 more
CVE-2020-14583
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
and 56 more
CVE-2020-2778
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated att...
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
redhat/java<11-openjdk-1:11.0.7.10-1.el8_1
redhat/java<11-openjdk-1:11.0.7.10-1.el8_0
debian/openjdk-11
ubuntu/openjdk-14<14.0.1+7-1ubuntu1
ubuntu/openjdk-14<14.0.1+7-1
and 122 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203