Download
| Alert*
oval:org.secpod.oval:def:89508
The host is installed with Oracle Java SE through 8u351 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Serialization. Successful exploitation allows attackers to affect Integrity. oval:org.secpod.oval:def:90227 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:89474 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:97710 [CLSA-2023:1675985852] java-1.8.0-openjdk: Fix of 2 CVEs oval:org.secpod.oval:def:89048794 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... oval:org.secpod.oval:def:89048281 This update for java-1_8_0-openjdk fixes the following issues: Updated to version jdk8u362 : - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . - CVE-2023-21843: Fixed soundbank URL remote loading . oval:org.secpod.oval:def:89048703 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... oval:org.secpod.oval:def:89048640 This update for java-1_8_0-openjdk fixes the following issues: Updated to version jdk8u362 : * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21843: Fixed soundbank URL remote loading . oval:org.secpod.oval:def:86994 The host is installed with Oracle Java SE through 8u351 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Serialization. Successful exploitation allows attackers to affect integrity. oval:org.secpod.oval:def:1701167 Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in oval:org.secpod.oval:def:87002 The host is installed with Oracle Java SE through 8u351 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Serialization. Successful exploitation allows attackers to affect Integrity. oval:org.secpod.oval:def:86943 The host is installed with Oracle Java SE through 8u351, or Azul Zulu 6 before 6.53.0.12, 7 before 7.59.0.18, 8 before 8.67.0.22 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Serialization. Successful exploitation allows ... oval:org.secpod.oval:def:2600151 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:4501186 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper restrictions in CORBA deserialization * OpenJDK: soundbank URL remote loading For more details about the security issue, including the ... oval:org.secpod.oval:def:5800021 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper restrictions in CORBA deserialization * OpenJDK: soundbank URL remote loading For more details about the security issue, including the ... oval:org.secpod.oval:def:1601652 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE . Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability all ... oval:org.secpod.oval:def:124955 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:507769 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8. Security Fix: * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: improper restrictions in CORBA de ... oval:org.secpod.oval:def:1701105 Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in. Better Banking of Sounds: JARSoundbankReader can load classes from remote URLs oval:org.secpod.oval:def:1506402 [1:1.8.0.362.b09-2] - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz#2163595 [1:1.8.0.362.b08-2] - Update to shenandoah-jdk8u352-b08 - Update release notes for shenandoah-8u352-b08 ... oval:org.secpod.oval:def:507507 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper restrictions in CORBA deserialization * OpenJDK: soundbank URL remote loading For more details about the security issue, including the ... oval:org.secpod.oval:def:2500936 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. oval:org.secpod.oval:def:707981 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:507512 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper restrictions in CORBA deserialization * OpenJDK: soundbank URL remote loading For more details about the security issue, including the ... oval:org.secpod.oval:def:1506379 [1:1.8.0.362.b08-1] - Update to shenandoah-jdk8u352-b08 - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes in older releases. - Drop RH1163501 patch which is not upstream or in 11, 17 19 packages and seems obsolete - Patch was broken by inclusion of JDK-8 ... oval:org.secpod.oval:def:507513 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * OpenJDK: improper restrictions in CORBA deserialization * OpenJDK: soundbank URL remote loading For more details about the security issue, including the ... oval:org.secpod.oval:def:124963 The OpenJDK 8 runtime environment. oval:org.secpod.oval:def:1506397 [1:1.8.0.362.b09-2] - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz#2163595 [1:1.8.0.362.b08-2] - Update to shenandoah-jdk8u352-b08 - Update release notes for shenandoah-8u352-b08 ... oval:org.secpod.oval:def:206006 Security Fix: OpenJDK: improper restrictions in CORBA deserialization OpenJDK: soundbank URL remote loading For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug F ... oval:org.secpod.oval:def:1506398 [1.8.0.362.b09-2.0.1] - Replace upstream references [Orabug: 34340145] [1:1.8.0.362.b09-2] - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz#2163594 [1:1.8.0.362.b08-2] - Update to s ... |