Headline
RHSA-2022:1490: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Synopsis
Important: java-1.8.0-openjdk security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
- OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
- OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
- OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
- OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
- OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Fixes
- BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
CVEs
- CVE-2022-21426
- CVE-2022-21434
- CVE-2022-21443
- CVE-2022-21476
- CVE-2022-21496
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
x86_64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
x86_64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
s390x
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: 64358a40fdd3d4ddd37b87ed6ac84f3db44da49171d3fa5bed15e6b587efab56
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: 944267da4d18e6f0cb0e44ac96322ba86757cd18fd71d8c55b227d5ee6a8997a
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: fb98f6f1d47b57ade30e36346fb243e515ee34725118e27fece74d15c0ea5a1a
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: c940c04bc5432e6f32f744f30a32c4369d7de019d64131e3225d6944fe34a0c5
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: c02af1fd72e80d9eeefe8e43d11fa7a4c0e28ad671c0506178d1b8e02f8a7fc1
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: 8c4a12590b58ab55ebceaa9f2e1cf62e405c266450f5c84991ca83aafdca1828
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: 30fbe5da31084cefc2a0429b73b4babf54a895774bcfeae5a0ba7a6ce7c4d916
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: 4fe538c5cff379be21bf9155065eff6afa8017a703a1c6fc4a4c880b7b623a00
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: c99cfcfe151e54f33022bdc07de7bf4a34f91efb1820f3bb918a4303540b9557
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: c869326a61b3508c4edfa881c40730ec0db46e067a5a2e3e0432a02660a1fa41
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.s390x.rpm
SHA-256: f1c5f0f1ee729ab23b0ce995185c63245284eca5a5cb0374c60f8d40fab0ad8d
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
ppc64le
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: e4d02344765cce56fc2226c908a77e6d505ef5b0eee4f9778bbae4c4d3ad87bb
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 40b6f318e5c6596cc379bab8c55e7bd450a55565049fef4e481cd205673bdbf2
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 1f0de3844d1a47fe17f6b935bce591c489b76fcae74e058ed71c24069bfa53d5
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: e016a34eedc8250eb9d1a36ed1618a277d5855f714c733a61382bb5ad2618a7d
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 7e65286a515d59959e6f6cae233ccc2e98fa4ff0ce5d8b14048849bb231e8833
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: cda9668530792f3f8478b4c7f850fd303a61b90a97192401d1f93c2443c4cd73
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
x86_64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 71dcdbef3b72193d2964927a9ed570166f285a4601e7b7aa545ec3720a4102ff
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 019ca59c7f48d30b921351b758e733c6c02f30db61587d790c1e603db88cdc5a
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be54867ea81c21d69e13d986ce925cebc5881738837cacd38059b88ca31ac71e
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 80366887876480727a8db8a11ad91d29d87d8c1dbad5cce61de4ff853ada53a5
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
aarch64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 8011f9dc459274b8c6355980da94dcc739ca8226e0ba096698a467d81be23444
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 8950686e75b0a7a60e5e5cfb786d5ddaee0d32339ef4271739d8357297f518a0
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 71113cc21cbe95a8ed288d39adc2780d98a322e5dc6392c67c194767f4f0bd4e
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 554455b5a7fb2d2d958046297df128c8911a56be8ac6dac8a2c5d65236b5a36d
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 47dcb4db831eb79ff56354466668f945a72bed2160d6d1e598b25123b909ccb0
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 36953f1d494f133f19a377d56a57644607b837f96f8f00fffa5fc30f55dfe788
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 9154002130f002a4853145f1fad5e5f3ef84601bd7e2610828d66d657f6eed1e
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 08b5e90e072e876ee790c9e5a3afb971391ac62ccea7094835f085463bd78cc0
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: aff6e24efbb996041b8e91ea453bbab53143b118afb71b00feecdce5ccbb862c
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: f5479eaa3922b00df7b591a03eb506bd5bedea345d55c5a88d9a61520982d05a
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: b5aa93bae735ad3af89d00c8dba7b51658b380d26013f851c19d27bc169e8d94
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 01a5dc672d6b7bab3d3582306a7a030ba75eaccdfeb294eede14e44b22f619e4
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 8cb2b4a912202e769a59f228993dda4e54a092ea682e92ee576c024385d2d95e
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 102a67e00294e5629da5fc78ea3ddaf02a842a119304c30c945162d9108aae36
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 66ca60ed3c5d115f740d433a2e312ed0c3faba366ac2466b5cf0d4a53812bc8d
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
ppc64le
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 2b792744a3191aa54fdc1386c5219d0f32290ab9abf91f3907d247fb28481cc4
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 4b0736288408cd6eefc1752db47bfc9e699e6e7a08de857b0790f1b2b2ee8f77
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: d0cc120768ab55c7d9396044b4b301773575cb6ab5268fe6a113ce5bfda9f0ad
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: bcc4d8dcd2d7482c6411306cd2d3281fb5db64d01bc3d03cf1a9588ed9e732f9
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 3b7bd01cb85664b4e29683c64a004e02322897cf8100a2d7fdd70dcc76795019
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: d0b15acdd68bc911f85d2d24f4b7e16d49cd6b442f8f35456c9e7624284788fe
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: fb322129bd67d545d914e841b5ea02e2cea14d06be0e9c6cba9be9034c38a1a6
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 4b12c5c1b256ee29862f14aaa8e838f2dd1faf5c3dea0481cd8d327860883ab6
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 6b4d92dadc382ff7b6e80b123271a305b003d8710ff87fdd94fc05b28512100d
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4
SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.src.rpm
SHA-256: 1731b9fd9f68f4f11dac1665d6f72ae6b4dded84630b3e1857705991e4615c78
x86_64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: fb2d0760c8d5bbb1c7018187c0afcf83695b45cb2fd740f6145167a5bc54ddda
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 3b9de913d0b50b330aec6e74c037f7746d06e43f8850aeb200215cde0cfed7c8
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 4c8d6a25de10222fc873712e8a09ec630ff7e5867a2e866e237d473e34916cd8
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 2169e83ed967a7c56641ca69128401f821fac6e4c7dc8590c73d65cbdedde88b
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: be3347597ab6ecf2a9e90f008d9ae6c12779bda9ae53b2a685c828e65025244c
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 4295e72ed0b9f490ceed84f1738c6f7067acd7b24f01afdc067946e11fbbeada
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_4.noarch.rpm
SHA-256: 9be27c9dd956b638666ed26b8ef5c43249edd5ea94b34b525137c8235af8a604
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 57eee22f329145847d0f61237760415c927b5464ea7f8de33c3312b9a2c644ac
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4
SRPM
x86_64
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: cd54aab7cdac4b9ab6fdfd9806e6e5542077e7c2b014cc0b03cc73088a3e93dd
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: aa382304d8beaf9c45abb94e9f6ad28d0aca4f4cd1f9727f5a5c370df17f70fd
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f58eb4bbd8c3c26fd974280edc1db70f0bb31dfb3c62178b61bb32de2e9931c0
java-1.8.0-openjdk-demo-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: ea907231d4d48688e03bcfc5b85f16125ebbd29028d2098a89c8c08d3d8c9f1a
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 951ae6df51407c34a8709d3d78f7d05ca489594376feb8fc6a7e0511fabb455b
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 1af5c9a958ac2086f34f3e8056d396dc43323299189343b09315f4432344d2ca
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: d7cec6df8593cb57520fc2d288cde5c715d6cb17c9cfc5f5337763ed9aa199c7
java-1.8.0-openjdk-devel-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: ef2191882fb7d7ec1313792301a35cbe9ef1819390ed531d13569b91c55e247f
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 21baa83e2b150a1e2ede8c56aa6bc1a1d6a6bff5a9f037bcfdaa7c18026384e8
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: e6d9696ec2ca068eb4478c5e272bd65158413a0edae5018d6344fbd1b2ea1722
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 8ecf762fd9e246cedf5d1d85e170b57311457c9f6f4b6522d0d484d3582bf928
java-1.8.0-openjdk-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: e3fb39d3fe33fa151e7734e46d08da50def89130675d10be2bad789a895d469a
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: f64eb861b53c36248eb3f610610b9d84e92149f8dc76e7d2b7bbc2c7bdf8dc54
java-1.8.0-openjdk-headless-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 33ff8786c0563709b7879a675d242f59823c6772f7335168d8c4698b70a8bd08
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 17c83670e3ade8aa2d2d5c0a2521394821597d35aa3c79d12780be195febe49a
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: eb1c4a076ad78f1b5c61f7a1a68160bb47531fd1dcecd215aee96173325d0dcc
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: cbab5a8a243978f346fa67b91933f2b6a2f9dbc40c525551723752ed36a77d7d
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: ae79475823c77e513b882e0bf8fbde01ea56a99b9139faa5db9f96851417d897
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 0763a7bf699483b7ee8fa99781bdeb95dbbdffd02399cf0154875811cf568367
java-1.8.0-openjdk-src-fastdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: 54ffcb08bf28bba4ba0d05f61dc86425266aa383a17d16ecbc617071dadf3bf2
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.x86_64.rpm
SHA-256: e242b204834ad5e15db58903657c0c6d8af8e0fa4049222bd8e34fd3cdad7ff0
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4
SRPM
ppc64le
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: b72fa0e621af7655e597d9a76650ead1df3fe11e9f639e841712f49e16f13ba9
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 4b0736288408cd6eefc1752db47bfc9e699e6e7a08de857b0790f1b2b2ee8f77
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 0e6f984bde6e25cbcc8c616bee89699068532a7156b8f3540106bec94e1f37e2
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: bcc4d8dcd2d7482c6411306cd2d3281fb5db64d01bc3d03cf1a9588ed9e732f9
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: ac48035e5bc85438e41abdb2bdd39028390aa02cdb2a59d3f3fba17b4389e4d1
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: d0b15acdd68bc911f85d2d24f4b7e16d49cd6b442f8f35456c9e7624284788fe
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 7c81a7f7436d86ab2a72802aa024a10e1a3a27172c67c566fd381ed5bb2e453e
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 4b12c5c1b256ee29862f14aaa8e838f2dd1faf5c3dea0481cd8d327860883ab6
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 8eafe2e81db047505d360d8f12035dd7797b2f7d6914fa1192215a067d20910f
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: 6b4d92dadc382ff7b6e80b123271a305b003d8710ff87fdd94fc05b28512100d
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.ppc64le.rpm
SHA-256: ffdbc46d1ce60b0be65dceabc665f54548e1c67a1cdce7bf3b6171b8205f8f1d
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4
SRPM
aarch64
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 9aa6ddf37d5d575795a210885314c0e57a4caa1d4435fbc1351332fec3a25eda
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 554455b5a7fb2d2d958046297df128c8911a56be8ac6dac8a2c5d65236b5a36d
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 2fd9f2179afead11b351f2157834db3d9e3e70ea78e635130550f4ce3b72d75f
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 9154002130f002a4853145f1fad5e5f3ef84601bd7e2610828d66d657f6eed1e
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 76641ea1882c813fbeb07dd8cbf755e18ac9f67f17dabde37e787d4db2a9c061
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: f5479eaa3922b00df7b591a03eb506bd5bedea345d55c5a88d9a61520982d05a
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: f274c5e729623089d91dafb3a949b7bd21d4ebe8c57b95dc78344bfd0f035bd7
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 8cb2b4a912202e769a59f228993dda4e54a092ea682e92ee576c024385d2d95e
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 4f5e0982707d532d9c05fa1daba23846b394cd85415f10dc634980926a11f6c1
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 102a67e00294e5629da5fc78ea3ddaf02a842a119304c30c945162d9108aae36
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el8_4.aarch64.rpm
SHA-256: 0cf7c00736664c870f1706da571f16dfd9db2e45b819851bd2600d63d0e9c82b
Related news
ZoneMinder before 1.36.13 allows remote code execution via an invalid language.
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.
The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the user tries to access the country selector page with the specified payload as a part of the HTTP request
The Cab fare calculator WordPress plugin through 1.0.3 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that on Windows servers, the security checks in place were insufficient, enabling bad actors to potentially upload backdoors on vulnerable sites.
The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique
PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit apps and should not affect apps that only plays trusted WAV files. A patch is available on the `master` branch of the `pjsip/project` GitHub repository. As a workaround, apps can reject a WAV file received from an unknown source or validate the file first.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defecti...
The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-20...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defecti...
A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter.
Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.
Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.
XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.