[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:91215
The host is installed with Oracle Java SE through 11.0.19, 17.0.7 or 20.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D (Harfbuzz). Successful exploitation allows attackers to affect Availability.

oval:org.secpod.oval:def:19500280
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and ...

oval:org.secpod.oval:def:89049261
This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023-22044: ...

oval:org.secpod.oval:def:19500284
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and ...

oval:org.secpod.oval:def:708340
openjdk-20: Open Source Java implementation Several security issues were fixed in OpenJDK 20.

oval:org.secpod.oval:def:2108141
Oracle Solaris 11 - ( CVE-2023-25193 )

oval:org.secpod.oval:def:91111
The host is installed with Oracle Java SE through 11.0.19, 17.0.7 or 20.0.1, or Azul Zulu 11 before 11.65.14, or 17 before 17.43.14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D (Harfbuzz). Successful exploitation allo ...

oval:org.secpod.oval:def:2600291
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

oval:org.secpod.oval:def:507863
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: ZIP file parsing infinite loop * OpenJDK: weakness in AES implementation * OpenJDK: improper handling of slash characters in URI-to-path convers ...

oval:org.secpod.oval:def:2600292
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

oval:org.secpod.oval:def:93279
openjdk-17: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:89048717
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks .

oval:org.secpod.oval:def:93280
openjdk-17: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:89048799
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks .

oval:org.secpod.oval:def:1506825
[1:11.0.20.0.8-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] - Fix tzdata requirement copy-and-paste error that led to two BuildRequires and no Requires [1:11.0.20.0.8-2] - Bump release number so we are newer than 9.0 - Related: rhbz#2221106 [1:11.0.20.0.8-1] - Update to jdk-11.0.20.0+8 - U ...

oval:org.secpod.oval:def:89049148
This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023-22044: ...

oval:org.secpod.oval:def:89048793
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks .

oval:org.secpod.oval:def:89049320
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 10 * CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. * CVE-2023-22041: Fixed a flaw whcih could allow unautho ...

oval:org.secpod.oval:def:89048792
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks .

oval:org.secpod.oval:def:1701463
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and ...

oval:org.secpod.oval:def:1506824
[1:17.0.8.0.7-2.0.1] - OpenJDK: ZIP file parsing infinite loop - OpenJDK: weakness in AES implementation - OpenJDK: improper handling of slash characters in URI-to-path conversion - harfbuzz: OpenJDK: O growth via consecutive marks - OpenJDK: HTTP client insufficient file name validation - ...

oval:org.secpod.oval:def:19500071
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service via unspecified vectors. hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O growth via consecutive marks during the process of looking back for ...

oval:org.secpod.oval:def:92537
openjdk-17: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:92536
openjdk-17: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:89049171
This update for java-17-openjdk fixes the following issues: Updated to version jdk-17.0.8+7 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023- ...

oval:org.secpod.oval:def:91207
The host is installed with Oracle Java SE through 11.0.19, 17.0.7 or 20.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D (Harfbuzz). Successful exploitation allows attackers to affect Availability.

oval:org.secpod.oval:def:91223
The host is installed with Oracle Java SE through 11.0.19, 17.0.7 or 20.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D (Harfbuzz). Successful exploitation allows attackers to affect Availability.

oval:org.secpod.oval:def:507857
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: ZIP file parsing infinite loop * OpenJDK: weakness in AES implementation * OpenJDK: improper handling of slash characters in URI-to-path convers ...

oval:org.secpod.oval:def:507856
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix: * OpenJDK: ZIP file parsing infinite loop * OpenJDK: weakness in AES implementation * OpenJDK: improper handling of slash characters in URI-to-path convers ...

oval:org.secpod.oval:def:1506797
[1:11.0.20.0.8-1.0.1] - link atomic for ix86 build [1:11.0.20.0.8-1] - Update to jdk-11.0.20.0+8 - Update release notes to 11.0.20.0+8 - Switch to GA mode for release - ** This tarball is embargoed until 2023-07-18 @ 1pm PT. ** - Resolves: rhbz#2221106 [1:11.0.20.0.7-0.1.ea] - Update to jdk-11.0.20 ...

oval:org.secpod.oval:def:124986
Chromium is an open-source web browser, powered by WebKit .

oval:org.secpod.oval:def:1506830
[1:11.0.20.0.8-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:11.0.20.0.8-2] - Bump release number so we are newer than 9.0 - Related: rhbz#2221106 [1:11.0.20.0.8-1] - Update to jdk-11.0.20.0+8 - Update release notes to 11.0.20.0+8 - Drop local inclusion of JDK-8274864 JDK-8305113 as the ...

oval:org.secpod.oval:def:507854
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: ZIP file parsing infinite loop * OpenJDK: weakness in AES implementation * OpenJDK: improper handling of slash characters in URI-to-path convers ...

oval:org.secpod.oval:def:2501138
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

oval:org.secpod.oval:def:2501139
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

oval:org.secpod.oval:def:507858
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: ZIP file parsing infinite loop * OpenJDK: weakness in AES implementation * OpenJDK: improper handling of slash characters in URI-to-path convers ...

oval:org.secpod.oval:def:1701450
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and ...

oval:org.secpod.oval:def:89049299
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 10 * CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. * CVE-2023-22041: Fixed a flaw whcih could allow unautho ...

oval:org.secpod.oval:def:1506811
[1:17.0.8.0.7-2.0.1] - OpenJDK: ZIP file parsing infinite loop - OpenJDK: weakness in AES implementation - OpenJDK: improper handling of slash characters in URI-to-path conversion - harfbuzz: OpenJDK: O growth via consecutive marks - OpenJDK: HTTP client insufficient file name validation - ...

oval:org.secpod.oval:def:1701203
firefox-esr , thunderbird and nss only are affected by this package. hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O growth via consecutive marks during the process of looking back for base glyphs when attaching marks. The Mozilla Foundation Security Advisory describ ...

oval:org.secpod.oval:def:2600566
HarfBuzz is an implementation of the OpenType Layout engine.

oval:org.secpod.oval:def:509364
HarfBuzz is an implementation of the OpenType Layout engine. Security Fix: harfbuzz: allows attackers to trigger O growth via consecutive marks For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed ...

oval:org.secpod.oval:def:2501443
HarfBuzz is an implementation of the OpenType Layout engine.

CWE    1
CWE-770
*CVE
CVE-2023-25193

© SecPod Technologies