Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7008: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)
  • CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • CVE-2022-21628: OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
  • CVE-2022-39399: OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
Red Hat Security Data
#vulnerability#linux#red_hat#java#buffer_overflow#ibm

Synopsis

Moderate: java-11-openjdk security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618)
  • OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
  • OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
  • OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
  • OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)
  • OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) (BZ#2130373)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2130373 - Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [rhel-7.9.z]
  • BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
  • BZ - 2133776 - CVE-2022-39399 OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
  • BZ - 2133817 - CVE-2022-21618 OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)

CVEs

  • CVE-2022-21618
  • CVE-2022-21619
  • CVE-2022-21624
  • CVE-2022-21626
  • CVE-2022-21628
  • CVE-2022-39399

Red Hat Enterprise Linux Server 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

x86_64

java-11-openjdk-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 544f7e218246cbf65b31aa851f2f5c3da067c127745cd366e284cbc3dfbd73a2

java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 2469ed5e202717efde43e299bbbaf9e55c6cb6154dc6ad799672b002c49f62bc

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 7a648c794236a2971dffd75a2bc545cb5e528ab4523c82b03b01e4f5af1058c6

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: b2c908bd240722e03b6782920152f8e4d54bde0e1eacb0c3a3bbe26c828a9099

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bf64987308782aa33cd3c23f45bf0d2598be87941409925ef06ededaf325923b

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: a186bde982e65f542689c375f3adba440ae11c34f6301777e0687c4a8fb3a282

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 82227627f273928487d876cd1e04133876dda444c2f30c8fae577b92f89d44b7

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 4c4861edf0ec4e2913c19c806c992848deac3befb70f23be3207a0998686931a

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 11dd174e0177ad40d420c233363580560b78585e1f6c0d686ad5747446879dc0

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: eeb656bf5f045e2c5e3d37b5928cd11214c46db7eec83b7362ed6df35db2669a

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: c38a4b0ae16d51c54695df6829b3c79221792d1c5f087b7d62e16cb731622f7f

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 44d6f89fa1233b5ae1fa58f70af63c6344d54471ea00d7995d072ed0c8422fc5

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bebb7a4a69ab3376f26d3aef241fc31fce09d83f01600aabb63db0e5b16072f2

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 1ccebb6639baa1f28d5a22dac62cc0f908cfdb0519e93565fdd043d8241c56d1

java-11-openjdk-src-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: cc5d4aceb3e238d4af6903b6e73d88af2fcf9472d4a19b08c1bdc04f1e0e9693

java-11-openjdk-src-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 7d04e9315c079ac93b24d907819528da2932f9aa86708ccb84fafa32d95fc57f

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: d0befe7ba70701e625c93713e93f9b0a03f72ab6926f479bf66236058afbe243

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: e42025d3d9044d9c1fde91e683156c84f0dbed057fd26dc3035f18d3bf35e39e

Red Hat Enterprise Linux Workstation 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

x86_64

java-11-openjdk-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 544f7e218246cbf65b31aa851f2f5c3da067c127745cd366e284cbc3dfbd73a2

java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 2469ed5e202717efde43e299bbbaf9e55c6cb6154dc6ad799672b002c49f62bc

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 7a648c794236a2971dffd75a2bc545cb5e528ab4523c82b03b01e4f5af1058c6

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: b2c908bd240722e03b6782920152f8e4d54bde0e1eacb0c3a3bbe26c828a9099

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bf64987308782aa33cd3c23f45bf0d2598be87941409925ef06ededaf325923b

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: a186bde982e65f542689c375f3adba440ae11c34f6301777e0687c4a8fb3a282

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 82227627f273928487d876cd1e04133876dda444c2f30c8fae577b92f89d44b7

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 4c4861edf0ec4e2913c19c806c992848deac3befb70f23be3207a0998686931a

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 11dd174e0177ad40d420c233363580560b78585e1f6c0d686ad5747446879dc0

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: eeb656bf5f045e2c5e3d37b5928cd11214c46db7eec83b7362ed6df35db2669a

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: c38a4b0ae16d51c54695df6829b3c79221792d1c5f087b7d62e16cb731622f7f

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 44d6f89fa1233b5ae1fa58f70af63c6344d54471ea00d7995d072ed0c8422fc5

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bebb7a4a69ab3376f26d3aef241fc31fce09d83f01600aabb63db0e5b16072f2

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 1ccebb6639baa1f28d5a22dac62cc0f908cfdb0519e93565fdd043d8241c56d1

java-11-openjdk-src-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: cc5d4aceb3e238d4af6903b6e73d88af2fcf9472d4a19b08c1bdc04f1e0e9693

java-11-openjdk-src-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 7d04e9315c079ac93b24d907819528da2932f9aa86708ccb84fafa32d95fc57f

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: d0befe7ba70701e625c93713e93f9b0a03f72ab6926f479bf66236058afbe243

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: e42025d3d9044d9c1fde91e683156c84f0dbed057fd26dc3035f18d3bf35e39e

Red Hat Enterprise Linux Desktop 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

x86_64

java-11-openjdk-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 544f7e218246cbf65b31aa851f2f5c3da067c127745cd366e284cbc3dfbd73a2

java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 2469ed5e202717efde43e299bbbaf9e55c6cb6154dc6ad799672b002c49f62bc

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 7a648c794236a2971dffd75a2bc545cb5e528ab4523c82b03b01e4f5af1058c6

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: b2c908bd240722e03b6782920152f8e4d54bde0e1eacb0c3a3bbe26c828a9099

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bf64987308782aa33cd3c23f45bf0d2598be87941409925ef06ededaf325923b

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: a186bde982e65f542689c375f3adba440ae11c34f6301777e0687c4a8fb3a282

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 82227627f273928487d876cd1e04133876dda444c2f30c8fae577b92f89d44b7

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 4c4861edf0ec4e2913c19c806c992848deac3befb70f23be3207a0998686931a

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 11dd174e0177ad40d420c233363580560b78585e1f6c0d686ad5747446879dc0

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: eeb656bf5f045e2c5e3d37b5928cd11214c46db7eec83b7362ed6df35db2669a

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: c38a4b0ae16d51c54695df6829b3c79221792d1c5f087b7d62e16cb731622f7f

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 44d6f89fa1233b5ae1fa58f70af63c6344d54471ea00d7995d072ed0c8422fc5

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bebb7a4a69ab3376f26d3aef241fc31fce09d83f01600aabb63db0e5b16072f2

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 1ccebb6639baa1f28d5a22dac62cc0f908cfdb0519e93565fdd043d8241c56d1

java-11-openjdk-src-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: cc5d4aceb3e238d4af6903b6e73d88af2fcf9472d4a19b08c1bdc04f1e0e9693

java-11-openjdk-src-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 7d04e9315c079ac93b24d907819528da2932f9aa86708ccb84fafa32d95fc57f

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: d0befe7ba70701e625c93713e93f9b0a03f72ab6926f479bf66236058afbe243

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: e42025d3d9044d9c1fde91e683156c84f0dbed057fd26dc3035f18d3bf35e39e

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

s390x

java-11-openjdk-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 2bba8bc7f9803f17d65767b4ae8ccb30fed92d7004a0a88af5ba230c58dc1da2

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 4b1e4f0b2a75e326a2f10895a5100909713eba5d5c9485a4ae6e4dbfe1b5a0c9

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 4b1e4f0b2a75e326a2f10895a5100909713eba5d5c9485a4ae6e4dbfe1b5a0c9

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 739a5e707a2b0d48bb743ee506b53194eb16e518e3f590aba5613fcd794e3133

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 3afa5458746b0519ef2d9652914a72dd4fd237d15b5bfc5b04a219594694d4df

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 7f5b56f6466d2a07b075322b3fd77bf03e138b4b4fbd3d1538fb8091fdf5e040

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: c1c6e3373f39962e908a652db756ff4f8092aba93a186bc572a840a19d125f38

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 46ff520f7f136a2f19e3938f699e2e9cf1e6cfeb444e7622ff62c88ca9633f5b

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 82e7dfcf03005439fa779ee2936aa826427a28430793351f948615b6fa126c28

java-11-openjdk-src-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: 437d73dda21e3f924d5d3530ff45b8a422315dc3584d5bf20cb5fb2e25ff6ffb

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.s390x.rpm

SHA-256: eb2e46a70b37e73efcd1ecd8f4bf2b058deda4b0cf12cf45306d8e85515e8e1f

Red Hat Enterprise Linux for Power, big endian 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

ppc64

java-11-openjdk-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 36bbfe49ff0329c59a8ff372f3c2b2e131128b4b5d7a8817c68b296941a1909d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 132e845b8e5b63d4648e7f24af3dbc89d54818e6a36571678e390bafc193a971

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 132e845b8e5b63d4648e7f24af3dbc89d54818e6a36571678e390bafc193a971

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: a219417182152292549e90be0e85d849454cbe15c9791e4bc5bbd83207653e6d

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: f23a519278139af87f0263789ff12657822ea5f9e95fdd1ca3f8b1e9c0d4ae73

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: a0071e22034a156b891b4100fd01ddc64dee93e5a4517d02d3a80fd4f1688a9c

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 6d7b5d1e12d613dd9ddb3281c61db3d1965716d5fcd9a2ac4bfbc55d0fb12d10

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 017cf117f63330d878e0919c37b9dad92fb6084c0c8314640d6bbebc921bb8db

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 2dad6e7af9ddc1346159dc5cfc6b7fea08436cab988b80a856fee65c7ab244bb

java-11-openjdk-src-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: fd09ac426a28bcffcdb5b3206df4073b8119f3175a2ded48f1ae434798e50956

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.ppc64.rpm

SHA-256: 427a435b79e00d7e1f2d2352c81992d9f7387cfb76771bf353675d3cfb933851

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

x86_64

java-11-openjdk-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 544f7e218246cbf65b31aa851f2f5c3da067c127745cd366e284cbc3dfbd73a2

java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 2469ed5e202717efde43e299bbbaf9e55c6cb6154dc6ad799672b002c49f62bc

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 4cfd35b8b6944631e2ab616dea1956bdef778191ac39d1cf80ea5b4cd693b25d

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: c28cc91aa8a34906ba85e6afceea1e2648f36959c8deab290cea80c5e0f4db10

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 7a648c794236a2971dffd75a2bc545cb5e528ab4523c82b03b01e4f5af1058c6

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: b2c908bd240722e03b6782920152f8e4d54bde0e1eacb0c3a3bbe26c828a9099

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bf64987308782aa33cd3c23f45bf0d2598be87941409925ef06ededaf325923b

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: a186bde982e65f542689c375f3adba440ae11c34f6301777e0687c4a8fb3a282

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 82227627f273928487d876cd1e04133876dda444c2f30c8fae577b92f89d44b7

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 4c4861edf0ec4e2913c19c806c992848deac3befb70f23be3207a0998686931a

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: 11dd174e0177ad40d420c233363580560b78585e1f6c0d686ad5747446879dc0

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: eeb656bf5f045e2c5e3d37b5928cd11214c46db7eec83b7362ed6df35db2669a

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: c38a4b0ae16d51c54695df6829b3c79221792d1c5f087b7d62e16cb731622f7f

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 44d6f89fa1233b5ae1fa58f70af63c6344d54471ea00d7995d072ed0c8422fc5

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: bebb7a4a69ab3376f26d3aef241fc31fce09d83f01600aabb63db0e5b16072f2

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 1ccebb6639baa1f28d5a22dac62cc0f908cfdb0519e93565fdd043d8241c56d1

java-11-openjdk-src-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: cc5d4aceb3e238d4af6903b6e73d88af2fcf9472d4a19b08c1bdc04f1e0e9693

java-11-openjdk-src-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: 7d04e9315c079ac93b24d907819528da2932f9aa86708ccb84fafa32d95fc57f

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.i686.rpm

SHA-256: d0befe7ba70701e625c93713e93f9b0a03f72ab6926f479bf66236058afbe243

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.x86_64.rpm

SHA-256: e42025d3d9044d9c1fde91e683156c84f0dbed057fd26dc3035f18d3bf35e39e

Red Hat Enterprise Linux for Power, little endian 7

SRPM

java-11-openjdk-11.0.17.0.8-2.el7_9.src.rpm

SHA-256: 0f2a8f8462bf7fb8f6aac7da3d39072bdd8e8a529a9c05e3d0200447db0cbab9

ppc64le

java-11-openjdk-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 0170deb2975b7e6d5a3958ce202c036b63db3ebe1cffbe7d640719a254cc8dab

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 6f2764944cfb7a34373bda0f262de12ee2921f2db0dcfe5f62db9e13222787bd

java-11-openjdk-debuginfo-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 6f2764944cfb7a34373bda0f262de12ee2921f2db0dcfe5f62db9e13222787bd

java-11-openjdk-demo-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: ce8a4cd1303956ee7fc663a05f1f1763d956d9e87dc15adbea603be651634c98

java-11-openjdk-devel-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 828cf5827bfce6b54e87c6873cf4039ed2264d99a948dcdb50aaa5c42eb1f750

java-11-openjdk-headless-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 442cf834a3b772a7400a17d9d51da27c99dedde215e851f960b26a28d281d17c

java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 0d9d496935a7732e292fef357c2cf203ca1519183600d844f1db80bc3475907f

java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 10ad92e2b881e3e0e8863b58e0d01b28455d72909eaea26fffbfcb601530b2e7

java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: fb60a6149b54de84d03991e6b76f91a81e74ff9cf90212c4152e210dc2a5d2dd

java-11-openjdk-src-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 36c7e0e50b9ca09089be78f83e1cef7ecb2d4574cf1534b84f5cfb3cb39f32b9

java-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.ppc64le.rpm

SHA-256: 66709f599fd10f1720961abe0004faeaa676fca138b9939ea486fc13ba0e95a7

Related news

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

CVE-2023-23694: DSA-2023-071: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities – 7.0.450

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-0128-01

Red Hat Security Advisory 2023-0128-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-8889-01

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

RHSA-2022:8781: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update

Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

Red Hat Security Advisory 2022-7434-01

Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.

Red Hat Security Advisory 2022-6882-01

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

RHSA-2022:7216: Red Hat Security Advisory: OpenShift Container Platform 4.9.51 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.51 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9.51 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: ...

Red Hat Security Advisory 2022-7211-01

Red Hat Security Advisory 2022-7211-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.39. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7051-01

Red Hat Security Advisory 2022-7051-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7052-01

Red Hat Security Advisory 2022-7052-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7053-01

Red Hat Security Advisory 2022-7053-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7005-01

Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7008-01

Red Hat Security Advisory 2022-7008-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7006-01

Red Hat Security Advisory 2022-7006-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7002-01

Red Hat Security Advisory 2022-7002-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7004-01

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7010-01

Red Hat Security Advisory 2022-7010-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7000-01

Red Hat Security Advisory 2022-7000-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

RHSA-2022:7053: Red Hat Security Advisory: OpenJDK 17.0.5 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

RHSA-2022:7051: Red Hat Security Advisory: OpenJDK 17.0.5 Security Update for Windows Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...

RHSA-2022:7054: Red Hat Security Advisory: OpenJDK 11.0.17 Security Update for Portable Linux Builds

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

RHSA-2022:7052: Red Hat Security Advisory: OpenJDK 11.0.17 Security Update for Windows Builds

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...

RHSA-2022:7050: Red Hat Security Advisory: OpenJDK 8u352 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection co...

RHSA-2022:7049: Red Hat Security Advisory: OpenJDK 8u352 Windows Security Update

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7013: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:6999: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7007: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7010: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7011: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7006: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7002: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7005: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...

RHSA-2022:7003: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

RHSA-2022:7004: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...

RHSA-2022:7009: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).