CESA-2022:7008 -- centos 7 java-11-openjdkID: oval:org.secpod.oval:def:205983 | Date: (C)2022-10-28 (M)2024-06-24 |
Class: PATCH | Family: unix |
Security Fix: OpenJDK: improper MultiByte conversion can lead to buffer overflow OpenJDK: excessive memory allocation in X.509 certificate parsing OpenJDK: HttpServer no connection count limit OpenJDK: improper handling of long NTLM client hostnames OpenJDK: insufficient randomization of JNDI DNS port numbers OpenJDK: missing SNI caching in HTTP/2 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: