Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:1490: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
  • CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
  • CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
  • CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
  • CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Red Hat Security Data
#vulnerability#linux#red_hat#apache#java

Synopsis

Important: java-1.8.0-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
  • OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
  • OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
  • OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
  • OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

Fixes

  • BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
  • BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
  • BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
  • BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
  • BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

CVEs

  • CVE-2022-21426
  • CVE-2022-21434
  • CVE-2022-21443
  • CVE-2022-21476
  • CVE-2022-21496

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

x86_64

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928

java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

x86_64

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928

java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

s390x

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: 64358a40fdd3d4ddd37b87ed6ac84f3db44da49171d3fa5bed15e6b587efab56

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: 944267da4d18e6f0cb0e44ac96322ba86757cd18fd71d8c55b227d5ee6a8997a

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: fb98f6f1d47b57ade30e36346fb243e515ee34725118e27fece74d15c0ea5a1a

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: c940c04bc5432e6f32f744f30a32c4369d7de019d64131e3225d6944fe34a0c5

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: c02af1fd72e80d9eeefe8e43d11fa7a4c0e28ad671c0506178d1b8e02f8a7fc1

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: 8c4a12590b58ab55ebceaa9f2e1cf62e405c266450f5c84991ca83aafdca1828

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: 30fbe5da31084cefc2a0429b73b4babf54a895774bcfeae5a0ba7a6ce7c4d916

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: 4fe538c5cff379be21bf9155065eff6afa8017a703a1c6fc4a4c880b7b623a00

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: c99cfcfe151e54f33022bdc07de7bf4a34f91efb1820f3bb918a4303540b9557

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: c869326a61b3508c4edfa881c40730ec0db46e067a5a2e3e0432a02660a1fa41

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.s390x.rpm

SHA-256: f1c5f0f1ee729ab23b0ce995185c63245284eca5a5cb0374c60f8d40fab0ad8d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

ppc64le

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: e4d02344765cce56fc2226c908a77e6d505ef5b0eee4f9778bbae4c4d3ad87bb

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 40b6f318e5c6596cc379bab8c55e7bd450a55565049fef4e481cd205673bdbf2

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 1f0de3844d1a47fe17f6b935bce591c489b76fcae74e058ed71c24069bfa53d5

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: e016a34eedc8250eb9d1a36ed1618a277d5855f714c733a61382bb5ad2618a7d

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 7e65286a515d59959e6f6cae233ccc2e98fa4ff0ce5d8b14048849bb231e8833

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: cda9668530792f3f8478b4c7f850fd303a61b90a97192401d1f93c2443c4cd73

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

x86_64

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928

java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

aarch64

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 8011f9dc459274b8c6355980da94dcc739ca8226e0ba096698a467d81be23444

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 8950686e75b0a7a60e5e5cfb786d5ddaee0d32339ef4271739d8357297f518a0

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 71113cc21cbe95a8ed288d39adc2780d98a322e5dc6392c67c194767f4f0bd4e

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 554455b5a7fb2d2d958046297df128c8911a56be8ac6dac8a2c5d65236b5a36d

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 47dcb4db831eb79ff56354466668f945a72bed2160d6d1e598b25123b909ccb0

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 36953f1d494f133f19a377d56a57644607b837f96f8f00fffa5fc30f55dfe788

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 9154002130f002a4853145f1fad5e5f3ef84601bd7e2610828d66d657f6eed1e

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 08b5e90e072e876ee790c9e5a3afb971391ac62ccea7094835f085463bd78cc0

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: aff6e24efbb996041b8e91ea453bbab53143b118afb71b00feecdce5ccbb862c

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: f5479eaa3922b00df7b591a03eb506bd5bedea345d55c5a88d9a61520982d05a

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: b5aa93bae735ad3af89d00c8dba7b51658b380d26013f851c19d27bc169e8d94

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 01a5dc672d6b7bab3d3582306a7a030ba75eaccdfeb294eede14e44b22f619e4

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 8cb2b4a912202e769a59f228993dda4e54a092ea682e92ee576c024385d2d95e

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 102a67e00294e5629da5fc78ea3ddaf02a842a119304c30c945162d9108aae36

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 66ca60ed3c5d115f740d433a2e312ed0c3faba366ac2466b5cf0d4a53812bc8d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

ppc64le

java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 2b792744a3191aa54fdc1386c5219d0f32290ab9abf91f3907d247fb28481cc4

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 4b0736288408cd6eefc1752db47bfc9e699e6e7a08de857b0790f1b2b2ee8f77

java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: d0cc120768ab55c7d9396044b4b301773575cb6ab5268fe6a113ce5bfda9f0ad

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: bcc4d8dcd2d7482c6411306cd2d3281fb5db64d01bc3d03cf1a9588ed9e732f9

java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 3b7bd01cb85664b4e29683c64a004e02322897cf8100a2d7fdd70dcc76795019

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: d0b15acdd68bc911f85d2d24f4b7e16d49cd6b442f8f35456c9e7624284788fe

java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: fb322129bd67d545d914e841b5ea02e2cea14d06be0e9c6cba9be9034c38a1a6

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 4b12c5c1b256ee29862f14aaa8e838f2dd1faf5c3dea0481cd8d327860883ab6

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 6b4d92dadc382ff7b6e80b123271a305b003d8710ff87fdd94fc05b28512100d

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4

SRPM

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm

SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78

x86_64

java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda

java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8

java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8

java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b

java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c

java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada

java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm

SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604

java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4

SRPM

x86_64

java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: cd54aab7cdac4b9ab6fdfd9806e6e5542077e7c2b014cc0b03cc73088a3e93dd

java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: aa382304d8beaf9c45abb94e9f6ad28d0aca4f4cd1f9727f5a5c370df17f70fd

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0

java-1.8.0-openjdk-demo-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: ea907231d4d48688e03bcfc5b85f16125ebbd29028d2098a89c8c08d3d8c9f1a

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b

java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 1af5c9a958ac2086f34f3e8056d396dc43323299189343b09315f4432344d2ca

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7

java-1.8.0-openjdk-devel-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: ef2191882fb7d7ec1313792301a35cbe9ef1819390ed531d13569b91c55e247f

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8

java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: e6d9696ec2ca068eb4478c5e272bd65158413a0edae5018d6344fbd1b2ea1722

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928

java-1.8.0-openjdk-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: e3fb39d3fe33fa151e7734e46d08da50def89130675d10be2bad789a895d469a

java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54

java-1.8.0-openjdk-headless-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 33ff8786c0563709b7879a675d242f59823c6772f7335168d8c4698b70a8bd08

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a

java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: eb1c4a076ad78f1b5c61f7a1a68160bb47531fd1dcecd215aee96173325d0dcc

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d

java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: ae79475823c77e513b882e0bf8fbde01ea56a99b9139faa5db9f96851417d897

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367

java-1.8.0-openjdk-src-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: 54ffcb08bf28bba4ba0d05f61dc86425266aa383a17d16ecbc617071dadf3bf2

java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm

SHA-256: e242b204834ad5e15db58903657c0c6d8af8e0fa4049222bd8e34fd3cdad7ff0

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4

SRPM

ppc64le

java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: b72fa0e621af7655e597d9a76650ead1df3fe11e9f639e841712f49e16f13ba9

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 4b0736288408cd6eefc1752db47bfc9e699e6e7a08de857b0790f1b2b2ee8f77

java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 0e6f984bde6e25cbcc8c616bee89699068532a7156b8f3540106bec94e1f37e2

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: bcc4d8dcd2d7482c6411306cd2d3281fb5db64d01bc3d03cf1a9588ed9e732f9

java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: ac48035e5bc85438e41abdb2bdd39028390aa02cdb2a59d3f3fba17b4389e4d1

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: d0b15acdd68bc911f85d2d24f4b7e16d49cd6b442f8f35456c9e7624284788fe

java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 7c81a7f7436d86ab2a72802aa024a10e1a3a27172c67c566fd381ed5bb2e453e

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 4b12c5c1b256ee29862f14aaa8e838f2dd1faf5c3dea0481cd8d327860883ab6

java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 8eafe2e81db047505d360d8f12035dd7797b2f7d6914fa1192215a067d20910f

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: 6b4d92dadc382ff7b6e80b123271a305b003d8710ff87fdd94fc05b28512100d

java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm

SHA-256: ffdbc46d1ce60b0be65dceabc665f54548e1c67a1cdce7bf3b6171b8205f8f1d

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4

SRPM

aarch64

java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 9aa6ddf37d5d575795a210885314c0e57a4caa1d4435fbc1351332fec3a25eda

java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 554455b5a7fb2d2d958046297df128c8911a56be8ac6dac8a2c5d65236b5a36d

java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 2fd9f2179afead11b351f2157834db3d9e3e70ea78e635130550f4ce3b72d75f

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 9154002130f002a4853145f1fad5e5f3ef84601bd7e2610828d66d657f6eed1e

java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 76641ea1882c813fbeb07dd8cbf755e18ac9f67f17dabde37e787d4db2a9c061

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: f5479eaa3922b00df7b591a03eb506bd5bedea345d55c5a88d9a61520982d05a

java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: f274c5e729623089d91dafb3a949b7bd21d4ebe8c57b95dc78344bfd0f035bd7

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 8cb2b4a912202e769a59f228993dda4e54a092ea682e92ee576c024385d2d95e

java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 4f5e0982707d532d9c05fa1daba23846b394cd85415f10dc634980926a11f6c1

java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 102a67e00294e5629da5fc78ea3ddaf02a842a119304c30c945162d9108aae36

java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm

SHA-256: 0cf7c00736664c870f1706da571f16dfd9db2e45b819851bd2600d63d0e9c82b

Related news

CVE-2022-29806: Release The Memory Remains 1.36.13 · ZoneMinder/zoneminder

ZoneMinder before 1.36.13 allows remote code execution via an invalid language.

CVE-2022-29499: Mitel Product Security Advisory 22-0002

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.

CVE-2021-35250: SolarWinds Trust Center Security Advisories | CVE-2021-35250

A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.

CVE-2022-1441: fixed #2175 · gpac/gpac@3dbe11b

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.

CVE-2022-25866: Uses --end-of-options after command options (for security reasons) · czproject/git-php@5e82d54

The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.

CVE-2022-28290: 2022-28290 - Reflected Cross-Site Scripting in Welaunch

Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the user tries to access the country selector page with the specified payload as a part of the HTTP request

CVE-2022-1391: WordPress Cab-Fare-Calculator 1.0.3 Local File Inclusion ≈ Packet Storm

The Cab fare calculator WordPress plugin through 1.0.3 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.

CVE-2022-1396: WordPress Donorbox-Donation-Form 7.1.6 Cross Site Scripting ≈ Packet Storm

The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed

CVE-2021-4225: CVEproject/wordpress_SP-Project_fileupload.md at main · pang0lin/CVEproject

The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that on Windows servers, the security checks in place were insufficient, enabling bad actors to potentially upload backdoors on vulnerable sites.

CVE-2022-1390: WordPress Admin Word Count Column 2.2 Local File Inclusion ≈ Packet Storm

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique

CVE-2022-24792: Merge pull request from GHSA-rwgw-vwxg-q799 · pjsip/pjproject@947bc1e

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit apps and should not affect apps that only plays trusted WAV files. A patch is available on the `master` branch of the `pjsip/project` GitHub repository. As a workaround, apps can reject a WAV file received from an unknown source or validate the file first.

RHSA-2022:1491: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defecti...

CVE-2022-29078: EJS, Server side template injection RCE (CVE-2022-29078) - writeup

The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).

CVE-2022-26111: CVE-Advisory/CVE-2022-26111.pdf at main · post-cyberlabs/CVE-Advisory

The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server.

RHSA-2022:1489: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-20...

RHSA-2022:1488: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151...

RHSA-2022:1487: Red Hat Security Advisory: java-1.8.0-openjdk security, bug fix, and enhancement update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defecti...

CVE-2022-27428: v2.0: stored XSS Vulnerability · Issue #20 · bensonarts/GalleryCMS

A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter.

CVE-2022-28053: V1.5.3: Unrestricted File Upload Vulnerability · Issue #325 · typemill/typemill

Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

CVE-2022-27429: V1.9.5: SSRF Vulnerability · Issue #67 · Cherry-toto/jizhicms

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.

CVE-2022-28586: XSS on Hoosk v1.8 · Issue #63 · havok89/Hoosk

XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.