Latest oracle openjdk Vulnerabilities

CVE-2022-40433
** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue.
Oracle OpenJDK=7-update351
Oracle OpenJDK=8
Oracle OpenJDK=11
Oracle OpenJDK=17.0.2
Oracle OpenJDK=18
CVE-2023-21968
An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.
debian/openjdk-11<=11.0.16+8-1~deb10u1
debian/openjdk-17
debian/openjdk-20
debian/openjdk-8
IBM Cloud Pak for Business Automation<=V23.0.1
IBM Cloud Pak for Business Automation<=V21.0.3 - V21.0.3-IF022
and 92 more
CVE-2023-21937
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.
Oracle GraalVM=20.3.9
Oracle GraalVM=21.3.5
Oracle GraalVM=22.3.1
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 92 more
CVE-2023-21938
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.
Oracle GraalVM=20.3.8
Oracle GraalVM=21.3.4
Oracle GraalVM=22.3.0
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 92 more
CVE-2023-21939
An HTML validation flaw was found in the Swing component of OpenJDK. A specially crafted HTML document could cause a Swing Java application to misbehave leading to integrity problems.
Oracle GraalVM=20.3.9
Oracle GraalVM=21.3.5
Oracle GraalVM=22.3.1
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 92 more
CVE-2023-21967
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.
Oracle GraalVM=20.3.9
Oracle GraalVM=21.3.5
Oracle GraalVM=22.3.1
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 92 more
CVE-2023-21954
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.
Oracle GraalVM=20.3.9
Oracle GraalVM=21.3.5
Oracle GraalVM=22.3.1
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 90 more
CVE-2023-21930
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high i...
Oracle GraalVM=20.3.9
Oracle GraalVM=21.3.5
Oracle GraalVM=22.3.1
Oracle JDK=1.8.0-update361
Oracle JDK=11.0.18
Oracle JDK=17.0.6
and 92 more
CVE-2022-21540
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown atta...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 155 more
CVE-2022-21541
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 154 more
CVE-2022-34169
Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
debian/bcel<=6.2-1
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
maven/xalan:xalan<2.7.3
Apache Xalan-Java<=2.7.2
and 158 more
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14,...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_1
and 168 more
CVE-2022-21349
An unspecified vulnerability in Java SE related to the 2D component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vec...
Oracle GraalVM=20.3.4
Oracle GraalVM=21.3.0
Oracle JDK=1.7.0-update321
Oracle JDK=1.8.0-update311
Oracle JRE=1.7.0-update321
Oracle JRE=1.8.0-update311
and 130 more
CVE-2022-21248
An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability imp...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 165 more
CVE-2022-21305
A flaw was found in the way the Hotspot component of OpenJDK handled array indexes on 64-bit x86 platform. A large index could trigger a displacement overflow in LIRGenerator::emit_array_address, poss...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21291
A flaw was found in the way the Hotspot component of OpenJDK processed classes with _fields that needed to be written to in Rewriter::scan_method(). A specially-crafted Java class file could use this ...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 37 more
CVE-2022-21366
A flaw was found in the way the TIFFFaxDecompressor, TIFFLZWDecompressor, and TIFFPackBitsDecompressor classes implementations in the ImageIO component of OpenJDK handled memory allocations when proce...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 32 more
CVE-2022-21341
An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21365
An integer overflow flaw was found in the fix applied to the BMPImageReader class implementation in the ImageIO component of OpenJDK to address the <a href="https://access.redhat.com/security/cve/CVE-...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21340
A flaw was found in the way the Attributes class in the Libraries component of OpenJDK performed reading of attributes with very long values from JAR file manifests. A specially-crafted JAR archive co...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21360
A flaw was found in the way the BMPImageReader class implementation in the ImageIO component of OpenJDK preformed memory allocations when reading palette information from BMP images. A specially-craft...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21277
A flaw was found in the way the TIFFNullDecompressor class implementation in the ImageIO component of OpenJDK performed reading of uncompressed TIFF files. A specially-crafted TIFF image could cause t...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_2
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_4
and 32 more
CVE-2022-21299
A flaw was found in the way the XMLEntityScanner and XML11EntityScanner classes in the JAXP component of OpenJDK handled and normalized newlines in XML entities. A specially-crafted XML document could...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
and 166 more
CVE-2022-21296
It was discovered that the XMLEntityManager class implementation in the JAXP component of OpenJDK did not properly perform access checks. A Java application using SAX XML parser in certain configurati...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21282
It was discovered that the TransformerImpl class implementation in the JAXP component of OpenJDK did not properly check access restrictions when performing URI resolution. This could possibly lead to ...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 160 more
CVE-2022-21294
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 163 more
CVE-2022-21293
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
and 164 more
CVE-2022-21283
A flaw was found in the Pattern class implementation in the Libraries component of OpenJDK. A specially crated input could cause the Pattern class to raise an unexpected exception while performing reg...
redhat/java<11-openjdk-1:11.0.14.0.9-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9
redhat/java<17-openjdk-1:17.0.2.0.8-4.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5
redhat/java<11-openjdk-1:11.0.14.0.9-1.el8_1
and 157 more
CVE-2021-35578
A flaw was found in the SSL logger implementation in the JSSE component of OpenJDK. A malicious client could cause a Java application acting as TLS server to raise an unexpected exception during TLS ...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
redhat/java<17-openjdk-1:17.0.1.0.12-2.el8_5
and 34 more
CVE-2021-35550
An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown a...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 32 more
CVE-2021-35588
A flaw was found in the way the ClassFileParser class implementation in the Hotspot component of OpenJDK performed validation of inner class index values. A specially-crafted class file could cause a...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_1
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_2
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
and 21 more
CVE-2021-35567
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM E...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
redhat/java<17-openjdk-1:17.0.1.0.12-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_1
and 29 more
CVE-2021-35560
An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of the system.
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1.el8_5
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
Oracle OpenJDK=8-update301
and 5 more
CVE-2021-35603
An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown at...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.5-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.5-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 36 more
CVE-2021-35586
A flaw was found in the way the BMPImageReader class implementation in the ImageIO component of OpenJDK handled memory allocations when processing uncompressed BMP images. A specially-crafted BMP ima...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 36 more
CVE-2021-35564
An unspecified vulnerability in Java SE related to the Keytool component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 36 more
CVE-2021-35561
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle Graa...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 33 more
CVE-2021-35559
A flaw was found in the way the RTFReader class implementation in the Swing component of OpenJDK handled style keyword parameters. A specially crafted Rich Text Format (RTF) file could cause a Java a...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 36 more
CVE-2021-35556
An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack ...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 36 more
CVE-2021-35565
An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack v...
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el7_9
redhat/java<11-openjdk-1:11.0.13.0.8-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.7.0-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.5.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.13.0.8-1.el8_4
redhat/java<1.8.0-openjdk-1:1.8.0.312.b07-1.el8_4
and 33 more
CVE-2021-2341
A flaw was found in the way the FtpClient implementation in the Networking component of OpenJDK handled responses to the FTP PASV command. A malicious FTP server could cause a Java application using ...
debian/openjdk-11
debian/openjdk-8
IBM DRM<=2.0.6
Oracle GraalVM=20.3.2
Oracle GraalVM=21.1.0
Oracle OpenJDK=7-update301
and 7 more
CVE-2021-32553
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to ...
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
Canonical Ubuntu Linux=20.10
Canonical Ubuntu Linux=21.04
Canonical Ubuntu Linux=21.10
Oracle OpenJDK=17
CVE-2021-3522
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
Gstreamer Project Gstreamer<1.18.4
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
NetApp E-Series SANtricity OS Controller>=11.0.0<=11.70.1
Netapp E-series Santricity Storage Manager
Netapp E-series Santricity Web Services Web Services Proxy
and 8 more
CVE-2021-3537
A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parse...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 36 more
CVE-2021-2161
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
IBM DRM<=2.0.6
Oracle JDK=1.7.0-update291
Oracle JDK=1.8.0-update281
Oracle JDK=11.0.10
Oracle JDK=16.0.0
Oracle JRE=1.8.0-update281
and 140 more
CVE-2021-2163
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Sterling Secure Proxy<=6.0.3
Oracle JDK=1.7.0-update291
Oracle JDK=1.8.0-update281
and 131 more
CVE-2021-3517
A heap-based buffer overflow was found in libxml2 when processing truncated UTF-8 input. Reference: <a href="https://gitlab.gnome.org/GNOME/libxml2/-/issues/235">https://gitlab.gnome.org/GNOME/libxml...
rubygems/nokogiri<1.11.4
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
and 46 more
CVE-2021-20264
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and es...
redhat/openjdk<1.8
Oracle OpenJDK=1.8.0
Oracle OpenJDK=11
CVE-2020-2816
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attac...
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
redhat/java<11-openjdk-1:11.0.7.10-1.el8_1
redhat/java<11-openjdk-1:11.0.7.10-1.el8_0
ubuntu/openjdk-14<14.0.1+7-1ubuntu1
ubuntu/openjdk-14<14.0.1+7-1
ubuntu/openjdk-lts<11.0.7+10-2ubuntu2~18.04
and 121 more
CVE-2020-2781
An unspecified vulnerability in Java SE related to the Java SE JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown ...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.1.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.65-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.2.el7_8
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
and 166 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203