Download
| Alert*
oval:org.secpod.oval:def:89000551
This update for java-1_7_0-openjdk to version 7u261 fixes the following issues: - CVE-2020-2756: Better mapping of serial ENUMs - CVE-2020-2757: Less Blocking Array Queues - CVE-2020-2773: Better signatures in XML - CVE-2020-2781: Improve TLS session handling - CVE-2020-2800: Better Headings for ... oval:org.secpod.oval:def:89000313 This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 . Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service . - CVE-2020-2755: Fixed an incorrect handling of regular expressio ... oval:org.secpod.oval:def:503661 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:503662 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Application data accepted before TLS ... oval:org.secpod.oval:def:503660 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:503666 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:503663 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:118165 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:1700333 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi ... oval:org.secpod.oval:def:503664 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Application data accepted before TLS ... oval:org.secpod.oval:def:503667 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:505609 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP10. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJD ... oval:org.secpod.oval:def:705441 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:1601766 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java ... oval:org.secpod.oval:def:1601127 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi ... oval:org.secpod.oval:def:1700327 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi ... oval:org.secpod.oval:def:62710 The host is installed with Oracle Java SE through 7u251, 8u241, 11.0.6 or 14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Concurrency. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:118227 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:604816 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS handshakes, bypass of sandbox restrictions or HTTP response splitting attacks. oval:org.secpod.oval:def:1502881 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700318 Further information about this update can be found in the Corretto 11 change log oval:org.secpod.oval:def:1502880 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502885 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502886 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502883 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502884 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:63272 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS handshakes, bypass of sandbox restrictions or HTTP response splitting attacks. oval:org.secpod.oval:def:1502888 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000121 This update for java-1_7_1-ibm fixes the following issues: java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 - CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service - CVE-2020-2756: Improved mapping of serial ENUMs - ... oval:org.secpod.oval:def:89000644 This update for java-1_7_1-ibm fixes the following issues: java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 - CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service - CVE-2020-2756: Improved mapping of serial ENUMs - ... oval:org.secpod.oval:def:89000639 This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn - CVE-2020-2755: Improve Nashorn matching - CVE-2020-2756: Better mapping of serial ENUMs - CVE-2020-2757: Less Blocking Array Queues - CVE-2020-2773: Better signatur ... oval:org.secpod.oval:def:70195 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:89000110 This update for java-1_8_0-ibm fixes the following issues: java-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 - CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service - CVE-2020-2754: Forwarded references to Nashorn - C ... oval:org.secpod.oval:def:89000238 This update for java-1_8_0-ibm fixes the following issues: java-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 - CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service - CVE-2020-2754: Forwarded references to Nashorn - C ... oval:org.secpod.oval:def:505489 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP65. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject ... oval:org.secpod.oval:def:62749 The host is installed with Oracle Java SE through 7u251, 8u241, 11.0.6 or 14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Concurrency. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:505926 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP10. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJD ... oval:org.secpod.oval:def:66547 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:66546 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Application data accepted before TLS ... oval:org.secpod.oval:def:604821 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS handshakes, bypass of sandbox restrictions or HTTP response splitting attacks. oval:org.secpod.oval:def:89000103 This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn - CVE-2020-2755: Improve Nashorn matching - CVE-2020-2756: Better mapping of serial ENUMs - CVE-2020-2757: Less Blocking Array Queues - CVE-2020-2773: Better signatur ... oval:org.secpod.oval:def:118195 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:1801865 There is an security update to OpenJDK 11.0.9. oval:org.secpod.oval:def:62750 The host is installed with Oracle Java SE through 7u251, 8u241, 11.0.6 or 14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Concurrency. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:205562 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:505268 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP65. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject ... oval:org.secpod.oval:def:205563 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Application data accepted before TLS ... oval:org.secpod.oval:def:65117 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:205551 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:89000568 This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 . Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service . - CVE-2020-2755: Fixed an incorrect handling of regular expressio ... oval:org.secpod.oval:def:205557 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:505555 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP10. Security Fix: * OpenJDK: Improper handling of Kerberos proxy credentials * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJD ... oval:org.secpod.oval:def:205552 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: Incorrect bounds checks in NIO Buffers * OpenJDK: Incorrect type checks in MethodType.readObject * OpenJDK: Unexpected exceptions raised by DOM ... oval:org.secpod.oval:def:62653 The host is installed with Oracle Java SE through 7u251, 8u241, 11.0.6 or 14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Concurrency. Successful exploitation allows attackers to affect availability. |