Download
| Alert*
|
oval:org.secpod.oval:def:96923
The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:19500461 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability allows unauthenticated attacker wit ... oval:org.secpod.oval:def:19500464 Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easi ... oval:org.secpod.oval:def:19500467 Vulnerability in Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unautho ... oval:org.secpod.oval:def:89051182 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 15: * Oracle October 17 2023 CPU [bsc#1216640] Security fixes: * CVE-2023-22081: Fixed enhanced TLS connections * CVE-2023-22067: Fixed IOR deserialization issue in CORBA * CVE-2023-22025: Fi ... oval:org.secpod.oval:def:1507115 [1:11.0.21.0.9-2.0.1] - Update to jdk-11.0.21+9 - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation - OpenJDK: Print an exception when encountering null addresses while producing thread dumps oval:org.secpod.oval:def:1507117 [1:17.0.9.0.9-2.0.1] - Update to jdk-17.0.9+9 - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x86_64 with AVX-512 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation oval:org.secpod.oval:def:19500459 Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easi ... oval:org.secpod.oval:def:94670 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), includi ... oval:org.secpod.oval:def:1701867 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability allows unauthenticated attacker wit ... oval:org.secpod.oval:def:1507119 [1:11.0.21.0.9-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] - Update to jdk-11.0.21+9 - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation - OpenJDK: Print an exception when encounteri ... oval:org.secpod.oval:def:1701860 Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easi ... oval:org.secpod.oval:def:89051011 This update for java-11-openjdk fixes the following issues: * Upgraded to JDK 11.0.21+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/1 ... oval:org.secpod.oval:def:708633 openjdk-17: Open Source Java implementation - openjdk-21: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK 17, OpenJDK 21, OpenJDK. oval:org.secpod.oval:def:508160 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: OpenJDK: certificate path validation issue during client authentication For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:89051135 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u392 October 2023 CPU: * CVE-2023-22067: Fixed IOR deserialization issue in CORBA . * CVE-2023-22081: Fixed certificate path validation issue during client authentication . * CVE-2015-4000: Fixed Logjam issue in SL ... oval:org.secpod.oval:def:1507084 [1:1.8.0.392.b08-2] - Revert jcmd move as jcmd will not operate without tools.jar - Related: RHEL-13577 [1:1.8.0.392.b08-1] - Update to shenandoah-jdk8u392-b08 - Update release notes for shenandoah-8u392-b08. - Update generate_tarball.sh to be closer to upstream vanilla script inc. no more ECC remo ... oval:org.secpod.oval:def:94674 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), includi ... oval:org.secpod.oval:def:94671 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121) (CVE-2023-22025) * OpenJDK: certificate path validation issue during client authenticat ... oval:org.secpod.oval:def:95244 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions or denial of service. oval:org.secpod.oval:def:612792 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service. oval:org.secpod.oval:def:508166 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: OpenJDK: IOR deserialization issue in CORBA OpenJDK: certificate path validation issue during client authentication For more details about the security is ... oval:org.secpod.oval:def:3301928 Security update for java-17-openjdk oval:org.secpod.oval:def:508123 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix: OpenJDK: memory corruption issue on x86_64 with AVX-512 OpenJDK: certificate path validation issue during client authentication For more details about the ... oval:org.secpod.oval:def:94675 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121) (CVE-2023-22025) * OpenJDK: certificate path validation issue during client authentica ... oval:org.secpod.oval:def:1701853 Vulnerability in Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unautho ... oval:org.secpod.oval:def:2501257 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. oval:org.secpod.oval:def:1507123 [1:17.0.9.0.9-2.0.1] - Update to jdk-17.0.9+9 - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x86_64 with AVX-512 - OpenJDK: certificate path validation issue during client authentication - OpenJDK: Additional zip64 files validation oval:org.secpod.oval:def:612752 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions or denial of service. oval:org.secpod.oval:def:1702026 Vulnerability in Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unautho ... oval:org.secpod.oval:def:2600354 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:93913 The host is installed with Oracle Java SE through 8u381, 11.0.20, 17.0.8, or 20.0.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:93836 The host is installed with Oracle Java SE through 8u381, 11.0.20, 17.0.8, or 20.0.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:2600356 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:2600396 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. oval:org.secpod.oval:def:206051 Security Fix: OpenJDK: IOR deserialization issue in CORBA OpenJDK: certificate path validation issue during client authentication For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Ref ... oval:org.secpod.oval:def:89051041 This update for java-17-openjdk fixes the following issues: * Updated to JDK 17.0.9+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . * CVE-2023-22025: Fixed a memory corruption issue in applications using AVX-512 . Please visit the Oracle Release Note ... oval:org.secpod.oval:def:1507094 [1:11.0.21.0.9-1.0.1] - link atomic for ix86 build [1:11.0.21.0.9-1] - Update to jdk-11.0.21+9 - Update release notes to 11.0.21+9 - Remove system crypto policy patch which doesn"t belong on RHEL 7 with no system policies - Update generate_tarball.sh to be closer to upstream vanilla script inc. no ... oval:org.secpod.oval:def:1601872 Vulnerability in Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unautho ... oval:org.secpod.oval:def:2501201 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. oval:org.secpod.oval:def:2501203 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. oval:org.secpod.oval:def:95383 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service. oval:org.secpod.oval:def:93917 The host is installed with Oracle Java SE through 8u381, 11.0.20, 17.0.8, or 20.0.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:89050989 This update for java-11-openjdk fixes the following issues: * Upgraded to JDK 11.0.21+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/1 ... oval:org.secpod.oval:def:89051190 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 15: * Oracle October 17 2023 CPU [bsc#1216640] Security fixes: * CVE-2023-22081: Fixed enhanced TLS connections * CVE-2023-22067: Fixed IOR deserialization issue in CORBA * CVE-2023-22025: Fi ... oval:org.secpod.oval:def:206040 Security Fix: OpenJDK: certificate path validation issue during client authentication For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: oval:org.secpod.oval:def:508023 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix: OpenJDK: memory corruption issue on x86_64 with AVX-512 OpenJDK: certificate path validation issue during client authentication For more details about the ... oval:org.secpod.oval:def:96481 openjdk-17: Open Source Java implementation - openjdk-21: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK 17, OpenJDK 21, OpenJDK. oval:org.secpod.oval:def:1701996 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability allows unauthenticated attacker wit ... oval:org.secpod.oval:def:89051149 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u392 October 2023 CPU: * CVE-2023-22067: Fixed IOR deserialization issue in CORBA . * CVE-2023-22081: Fixed certificate path validation issue during client authentication . * CVE-2015-4000: Fixed Logjam issue in SL ... oval:org.secpod.oval:def:509069 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP15. Security Fix: IBM JDK: Eclipse OpenJ9 JVM denial of service OpenJDK: IOR deserialization issue in CORBA OpenJDK: certificate path va ... oval:org.secpod.oval:def:509041 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP15. Security Fix: IBM JDK: Eclipse OpenJ9 JVM denial of service OpenJDK: IOR deserialization issue in CORBA OpenJDK: certificate path va ... oval:org.secpod.oval:def:93870 The host is installed with Oracle Java SE through 8u381, 11.0.20, 17.0.8, or 20.0.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JSSE. Successful exploitation allows attackers to affect availability. oval:org.secpod.oval:def:1507127 [1:1.8.0.392.b08-4.0.1] - Update to shenandoah-jdk8u392-b08 - OpenJDK: segmentation fault in ciMethodBlocks - OpenJDK: IOR deserialization issue in CORBA - OpenJDK: certificate path validation issue during client authentication - A maximum signature file size property, jdk.jar.maxSignatureFile ... oval:org.secpod.oval:def:1507129 [1:1.8.0.392.b08-3.0.1] - Update to shenandoah-jdk8u392-b08 - OpenJDK: segmentation fault in ciMethodBlocks - OpenJDK: IOR deserialization issue in CORBA - OpenJDK: certificate path validation issue during client authentication - A maximum signature file size property, jdk.jar.maxSignatureFile ... oval:org.secpod.oval:def:19500485 An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK 11, 17 and OpenJDK 8, 11, 17, allows attackers to cause a denial of service oval:org.secpod.oval:def:19500491 An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK 11, 17 and OpenJDK 8, 11, 17, allows attackers to cause a denial of service oval:org.secpod.oval:def:2501206 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:2600357 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:708634 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:95131 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: segmentation fault in ciMethodBlocks (CVE-2022-40433) * OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067) * OpenJDK: cert ... oval:org.secpod.oval:def:95132 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: segmentation fault in ciMethodBlocks (CVE-2022-40433) * OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067) * OpenJDK: cert ... oval:org.secpod.oval:def:96482 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. |
