Headline
RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)
- CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
- CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
- CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
- CVE-2022-21628: OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
- CVE-2022-39399: OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
Synopsis
Moderate: java-17-openjdk security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
Security Fix(es):
- OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618)
- OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
- OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
- OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
- OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)
- OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Fixes
- BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
- BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
- BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
- BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
- BZ - 2133776 - CVE-2022-39399 OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
- BZ - 2133817 - CVE-2022-21618 OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)
CVEs
- CVE-2022-21618
- CVE-2022-21619
- CVE-2022-21624
- CVE-2022-21626
- CVE-2022-21628
- CVE-2022-39399
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
x86_64
java-17-openjdk-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 8418a70aa2fec06f3e6754986b88af1c4ca50d5356120baa0872180bcb1a3ba0
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: cea6ec1c33948713a2451c5e69bd29ea422acfec93c540ed819201b47f5ca32b
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 27f8a6bfd907b60ca14aa6abe087939143951c198e1520770d1f6f1722884a35
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 41a19b9ad42ad6fe6735201992d838404af2bf063f4236765acaa6319d4165d6
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 95cc61f7a4d778dca113c9980dc8c00ab1ea7c69dc599cb9433c89de9b42deb7
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: db504ac20489b42df085fd717745094066dd767178177623ff99cb76daaa819f
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e90b5764f595a136bdb731bf7257c493cd8665f7c50f8470c3ab3b8d72837d3
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: eea0d8868fd178bf8d46bfc92efe5dfcbbdccc17e965e8aaab3fdf8c059add3b
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 36f220ebc953012fc6231ccc80329b13c5f7d46c1e9fc575d85fe2e5916e67bc
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 14760a1dbc62b7542380d819dcda2125a8d1599dec9044e164ff7c3522eb6017
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: d5d4c88f7058fb21f28b783c1f6526aef403ca6289b0f2c0f374d79e753b6d3c
java-17-openjdk-src-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 1fa7ee2bb895cf90f5604c8250018a86d93f3ef1ad9d9ee41685600959d38b25
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e251a6e72098fe24dce5f3ddf3f7364671d79011aa51e313b4eebe9d30e2733
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
x86_64
java-17-openjdk-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 8418a70aa2fec06f3e6754986b88af1c4ca50d5356120baa0872180bcb1a3ba0
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: cea6ec1c33948713a2451c5e69bd29ea422acfec93c540ed819201b47f5ca32b
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 27f8a6bfd907b60ca14aa6abe087939143951c198e1520770d1f6f1722884a35
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 41a19b9ad42ad6fe6735201992d838404af2bf063f4236765acaa6319d4165d6
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 95cc61f7a4d778dca113c9980dc8c00ab1ea7c69dc599cb9433c89de9b42deb7
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: db504ac20489b42df085fd717745094066dd767178177623ff99cb76daaa819f
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e90b5764f595a136bdb731bf7257c493cd8665f7c50f8470c3ab3b8d72837d3
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: eea0d8868fd178bf8d46bfc92efe5dfcbbdccc17e965e8aaab3fdf8c059add3b
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 36f220ebc953012fc6231ccc80329b13c5f7d46c1e9fc575d85fe2e5916e67bc
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 14760a1dbc62b7542380d819dcda2125a8d1599dec9044e164ff7c3522eb6017
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: d5d4c88f7058fb21f28b783c1f6526aef403ca6289b0f2c0f374d79e753b6d3c
java-17-openjdk-src-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 1fa7ee2bb895cf90f5604c8250018a86d93f3ef1ad9d9ee41685600959d38b25
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e251a6e72098fe24dce5f3ddf3f7364671d79011aa51e313b4eebe9d30e2733
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
s390x
java-17-openjdk-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 415aee072a46d6cd09be44c28fb6d67320e73033b903c5e0f0493a7651997e7f
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 14228f0f0c007a1087cf70c44c9fca75e20071591699165a6005ed609f0958da
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: befc56661d5b44c80a466b31b393121c89f5b0a6d45bd7c22af458f80f28446d
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 8b9af7f3ca625f614110070a63f9239644aea5cd282954a63ec6a3077ebe549f
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 49936e28e205f3db7f7d5872b1d273ae950a863a32b2113344ede3534a71ec3c
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 4fe6a35cb5ed97117b27c8e373c0708a7d66ced9e53d60bd353794cca8a19999
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 05a8c8a01e3a092a044d7456a59b54c8ff2f335bc9661075cd90f9e224552291
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: c5c81faaa51355c0d1d421c88ac8a6c6970e85b9e773f6db2e3f78994ac30d08
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 347e5e912afb108fe1a7c39a8ee5ec6ad9ce02be662b6f496725d92351f8192e
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 9298974a89d8c6e609a602a3c41fd758a1b5ed68d24c260b413660cd402d2d3a
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 42fbcd3de269c127cb84b7ba5a621fdc083eb00a2e3e15b0700c2f5668fba5a8
java-17-openjdk-src-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 1458ce9b82d717700d2a4616b41eb625425fdf466777d0d715c21d1ba9c318c2
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: b688d11ad3b3c1cec78404316a8155fb826d6c24d4a1e1488befcaba1490a60d
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
ppc64le
java-17-openjdk-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: fcfa511989585ab0788b42717202c207ba252c76b57dbfd72f5a50ce3428fe8d
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 4e67bc88bd1af79964aacfb7a62d63020ae97f86f122699384853236d510e872
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 143034eb7ba29149069cd2fe80c6f512a28326f550b3ef5a33dce849319602b5
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 864051ca4fe9130e10aef4dd7933686fc0fdf29092618495653c519130ae6108
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: f12cc715e4712e5c5f5e5ede89b56cc4c7abcda7eb7fd393dce029a78e4bbfed
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: fd6365c856b7c0e6fdb34f0ca2019a84a2157c4944e2f3957d6e597a859e60a9
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: dac0b5744782a0afca42add3582cbb2c76d54116776bbb9206d813cbef792842
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 8fb2eb80fc57a260285fca606b6571e9df0eb337075d3ad2b45f3497eb0f3abd
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 7bb76377802149ad38c219d47eb4992f163909c92841f89f2871ed7c7e7d770a
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 9764a952303349eadebe01590687e2197765569d6e2734ad6a655bbee4ab7569
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 49b84438abc8e75eb32b0c7e8d924d78bae05483a04b34b409ad3d771ea22678
java-17-openjdk-src-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 9f114ae1c826ba01571a4dd68984cb3ce86f1e140443527bee8336259eb1c55d
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: c5064c2bd36a0684474f6db1c159979adbc05892f955a1bf313d37aa201dc61c
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
x86_64
java-17-openjdk-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 8418a70aa2fec06f3e6754986b88af1c4ca50d5356120baa0872180bcb1a3ba0
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: cea6ec1c33948713a2451c5e69bd29ea422acfec93c540ed819201b47f5ca32b
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 27f8a6bfd907b60ca14aa6abe087939143951c198e1520770d1f6f1722884a35
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 41a19b9ad42ad6fe6735201992d838404af2bf063f4236765acaa6319d4165d6
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 95cc61f7a4d778dca113c9980dc8c00ab1ea7c69dc599cb9433c89de9b42deb7
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: db504ac20489b42df085fd717745094066dd767178177623ff99cb76daaa819f
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e90b5764f595a136bdb731bf7257c493cd8665f7c50f8470c3ab3b8d72837d3
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: eea0d8868fd178bf8d46bfc92efe5dfcbbdccc17e965e8aaab3fdf8c059add3b
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 36f220ebc953012fc6231ccc80329b13c5f7d46c1e9fc575d85fe2e5916e67bc
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 14760a1dbc62b7542380d819dcda2125a8d1599dec9044e164ff7c3522eb6017
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: d5d4c88f7058fb21f28b783c1f6526aef403ca6289b0f2c0f374d79e753b6d3c
java-17-openjdk-src-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 1fa7ee2bb895cf90f5604c8250018a86d93f3ef1ad9d9ee41685600959d38b25
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e251a6e72098fe24dce5f3ddf3f7364671d79011aa51e313b4eebe9d30e2733
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
aarch64
java-17-openjdk-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: d8f95fa7ef552f3d0d0ea02ecde90114ff44f158e40b6f4eff450fe1b1788ce7
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: b0c8699480bef944c942626ed00925aeba204cbe19cf1abd003e8a2702c01db5
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 8bf58e1735ac61a7670b3f975200e137f23d13b396d99f37388cabc0d55cf7ef
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: d600a60c6ceb1592b654144036513ad49fd6f330cac5977ebf75a495de1b973b
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: c7f992d4950b331ab2b7a9601c8b7a19529c546eef5f95c2991a45b66691e8c6
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: f23f63aad19d671dea87dea0a5299b1134d3ff407d4522c286eae34bbbd864d3
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 50fb306a269bcbb3112464e57f02a6eaee0a6097c3a5da657bbe08459f0ff84c
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: c620a56a6c729e4b000e59eb03a8c52d9d5cf5206c7d399ea59526b6b6fe1db7
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: c02b1c30052de26eafa6af63302b471899dd1151b251b773221fee1f455bf072
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 855367ff7cb97fa4b194281f35029ab43c9b39312d1d452d0d449e6d0657ddef
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: ae6b827c3ee8edc0cee8ac4bbb8d71aff2489ea774f60d31f31be8ab9c5b5bb2
java-17-openjdk-src-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 18e3f37dc7b77364ab5ea402f4e353d36dbf4a58ec26217c6575e318fae09d82
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 5dea711df558421ba31b58b30c8b0cab3f44b1dae867d297bc88f6856ea4fbc9
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
ppc64le
java-17-openjdk-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: fcfa511989585ab0788b42717202c207ba252c76b57dbfd72f5a50ce3428fe8d
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 4e67bc88bd1af79964aacfb7a62d63020ae97f86f122699384853236d510e872
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 143034eb7ba29149069cd2fe80c6f512a28326f550b3ef5a33dce849319602b5
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 864051ca4fe9130e10aef4dd7933686fc0fdf29092618495653c519130ae6108
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: f12cc715e4712e5c5f5e5ede89b56cc4c7abcda7eb7fd393dce029a78e4bbfed
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: fd6365c856b7c0e6fdb34f0ca2019a84a2157c4944e2f3957d6e597a859e60a9
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: dac0b5744782a0afca42add3582cbb2c76d54116776bbb9206d813cbef792842
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 8fb2eb80fc57a260285fca606b6571e9df0eb337075d3ad2b45f3497eb0f3abd
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 7bb76377802149ad38c219d47eb4992f163909c92841f89f2871ed7c7e7d770a
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 9764a952303349eadebe01590687e2197765569d6e2734ad6a655bbee4ab7569
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 49b84438abc8e75eb32b0c7e8d924d78bae05483a04b34b409ad3d771ea22678
java-17-openjdk-src-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 9f114ae1c826ba01571a4dd68984cb3ce86f1e140443527bee8336259eb1c55d
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: c5064c2bd36a0684474f6db1c159979adbc05892f955a1bf313d37aa201dc61c
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
java-17-openjdk-17.0.5.0.8-2.el8_4.src.rpm
SHA-256: 8af9094a08bf15827adf5351267eff7f98549d1e0c1b747b08903dec1339cff2
x86_64
java-17-openjdk-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 8418a70aa2fec06f3e6754986b88af1c4ca50d5356120baa0872180bcb1a3ba0
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: cea6ec1c33948713a2451c5e69bd29ea422acfec93c540ed819201b47f5ca32b
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 27f8a6bfd907b60ca14aa6abe087939143951c198e1520770d1f6f1722884a35
java-17-openjdk-demo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 41a19b9ad42ad6fe6735201992d838404af2bf063f4236765acaa6319d4165d6
java-17-openjdk-devel-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 95cc61f7a4d778dca113c9980dc8c00ab1ea7c69dc599cb9433c89de9b42deb7
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: db504ac20489b42df085fd717745094066dd767178177623ff99cb76daaa819f
java-17-openjdk-headless-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e90b5764f595a136bdb731bf7257c493cd8665f7c50f8470c3ab3b8d72837d3
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: eea0d8868fd178bf8d46bfc92efe5dfcbbdccc17e965e8aaab3fdf8c059add3b
java-17-openjdk-javadoc-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 36f220ebc953012fc6231ccc80329b13c5f7d46c1e9fc575d85fe2e5916e67bc
java-17-openjdk-javadoc-zip-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 14760a1dbc62b7542380d819dcda2125a8d1599dec9044e164ff7c3522eb6017
java-17-openjdk-jmods-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: d5d4c88f7058fb21f28b783c1f6526aef403ca6289b0f2c0f374d79e753b6d3c
java-17-openjdk-src-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 1fa7ee2bb895cf90f5604c8250018a86d93f3ef1ad9d9ee41685600959d38b25
java-17-openjdk-static-libs-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 2e251a6e72098fe24dce5f3ddf3f7364671d79011aa51e313b4eebe9d30e2733
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4
SRPM
x86_64
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: cea6ec1c33948713a2451c5e69bd29ea422acfec93c540ed819201b47f5ca32b
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 27f8a6bfd907b60ca14aa6abe087939143951c198e1520770d1f6f1722884a35
java-17-openjdk-demo-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 546dd14a7105433b116270abd2019b0e9f389ed7ef67b7945f4bd3052117f6df
java-17-openjdk-demo-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 1c28dc66b8fd12d9bdbfd5b741ef071dbddf70d3613e7d4d2dda5671dc2066ff
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: db504ac20489b42df085fd717745094066dd767178177623ff99cb76daaa819f
java-17-openjdk-devel-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 784aba58c69720f46b7eec6ca63fb962a9bbb8587737b02881280abd58bba52e
java-17-openjdk-devel-fastdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: f3540df0a93d0c49657c04a4176549883e1349ec0a0c4fcc0f7290507e721fed
java-17-openjdk-devel-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: e80e748991e3464e6265e17dc4888cad23c13dcaa941eff4c1e72a0f63fd9c24
java-17-openjdk-devel-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 3a0ed6b7cf6ae20b860df511af3b3729897ac7c5086cd90854fbb5c18760cdfe
java-17-openjdk-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 948f2b3a82d715c269cd44b14c65569e1e04cfaf8ca5d6d418c37e213b9548ae
java-17-openjdk-fastdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 6b58db39df860e3b5a1888443d1352ca10ce8fb5254c9f8f3f0734eb8a0a5881
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: eea0d8868fd178bf8d46bfc92efe5dfcbbdccc17e965e8aaab3fdf8c059add3b
java-17-openjdk-headless-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: e9c9bae2a0b838260c827ea692a9bcf4ea3ec2765b1431e86400d85bdb4491ce
java-17-openjdk-headless-fastdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 9566fc49ad93c7edf2800e6e0950ef6e727c2008ee21927e6c6c8a1a04264d14
java-17-openjdk-headless-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: f37e8eb94e498c545def3d40439126e21056390df616bfb823175df7584f61ad
java-17-openjdk-headless-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: fd387e5284f4c79a82a15f5e362ecd6e9b91e2e516356113ab728d00d0990a99
java-17-openjdk-jmods-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 5571a293d9f153c883c5448e5e3a384ad4bd2b98f69f1c820e8e289ede49011a
java-17-openjdk-jmods-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 478a44a9be154c30cd2192c7bb9e9cd4966ecce40fabdf96ea57867fa59085c8
java-17-openjdk-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 21ef33735e8cc2a80596a9217ad3256861d26bb5e1734bf73228ff70de998e8d
java-17-openjdk-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 08c7cb88f1a8410140df96ad5f4c5415f8b189b0864da1ff417c42221e361fb4
java-17-openjdk-src-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 816021db87c3d3989451cd39706c7f56ba93852a1df37bfa2b823b2ef690b86c
java-17-openjdk-src-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 97bc39712b467aad37ee88c54320f10797db9faf285911a06d273c7c72e06eca
java-17-openjdk-static-libs-fastdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 7bbb5f956be2d0145072973a727b8422a1d65f4fee940fb294c04ebcc57ba2bf
java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-2.el8_4.x86_64.rpm
SHA-256: 52c5dbfd6bd1daa7a6036dc6c2a04813db9760203476f15c5ddb429117f557bb
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4
SRPM
ppc64le
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 4e67bc88bd1af79964aacfb7a62d63020ae97f86f122699384853236d510e872
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 143034eb7ba29149069cd2fe80c6f512a28326f550b3ef5a33dce849319602b5
java-17-openjdk-demo-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 21e3ff33f95578b9441a6f7dbb17327f287202a60f7564562e831814828ebc97
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: fd6365c856b7c0e6fdb34f0ca2019a84a2157c4944e2f3957d6e597a859e60a9
java-17-openjdk-devel-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: c5c492c959d2ec54d463907121d9b1b9decf4b5caace627476897685b669e2a2
java-17-openjdk-devel-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 87745140ade916dd0d6cec95f0bd3f2b6b8aaa98194c605e4f482e47f6e674d5
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 8fb2eb80fc57a260285fca606b6571e9df0eb337075d3ad2b45f3497eb0f3abd
java-17-openjdk-headless-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 60229eee79790c6114322c566a29f023bf670e1cc93129677274f89e9877b7ee
java-17-openjdk-headless-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 189b0479479d9a766f8aff537b1cd24c235cb262ae6b94c16408885494702c7b
java-17-openjdk-jmods-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 31ef67a912e79f21c204bd8f804463dec05e3d889c1ea1adb379cb7339d6e658
java-17-openjdk-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 062474e8d7543f052f6b8251d12f342eb7dfc461b22800fffe1424a72c4d6eff
java-17-openjdk-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: a751d307f64a8fbce376e2f5c1b6d514025b885073005029166fcc01d226e0ec
java-17-openjdk-src-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 3e8bda00940bc38f642ca277faeccad82e86e743af501bb5a4b917aa626b6222
java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-2.el8_4.ppc64le.rpm
SHA-256: 9a093f878520d87f2b45367855fc05203c53ed9af587f3e508ed474d8fd2257c
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4
SRPM
s390x
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 14228f0f0c007a1087cf70c44c9fca75e20071591699165a6005ed609f0958da
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: befc56661d5b44c80a466b31b393121c89f5b0a6d45bd7c22af458f80f28446d
java-17-openjdk-demo-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: d59ec31c108a5e6561dcca53dd16fa0496c6a2b4ba3efb3b542c3de35743de44
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 4fe6a35cb5ed97117b27c8e373c0708a7d66ced9e53d60bd353794cca8a19999
java-17-openjdk-devel-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: c5a308443a17c77833458ee0b135a87ccdffe93058057d5924a230c23b859ed7
java-17-openjdk-devel-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 6def3f7efe138b971acb121468a326ef78dd66266d197cf482e18a45c1470e12
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: c5c81faaa51355c0d1d421c88ac8a6c6970e85b9e773f6db2e3f78994ac30d08
java-17-openjdk-headless-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: e94c4bb1ac38096a559e04ff18a8d4b39c9a54183cb8417fe15df7267b5c1e8a
java-17-openjdk-headless-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 2c3d148c5b0227255eba78289619f65920d12377e4c49809d9e79de531d54e84
java-17-openjdk-jmods-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 15d217af4c67905bb87f680fa41e192a050efbf57a10bf4ebc596109901c37ae
java-17-openjdk-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 79606e4431c00714bec8b1aac5132cd12ed1bd4d10cfef485d0b88eae16fc366
java-17-openjdk-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 9e4c707f4bbab2489c0f63dd5f112bae0c734954d1b68ef68c22a2bb24dea05d
java-17-openjdk-src-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 84e9850e62ad7c87320b25fc29f1988a6934ebb9ea0ffb8c4c716ab0edffb515
java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-2.el8_4.s390x.rpm
SHA-256: 19bd0bd54d13d27efc918f58c15d194a6ec6691f9e1a1242d0ac05bf36bea29a
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4
SRPM
aarch64
java-17-openjdk-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: b0c8699480bef944c942626ed00925aeba204cbe19cf1abd003e8a2702c01db5
java-17-openjdk-debugsource-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 8bf58e1735ac61a7670b3f975200e137f23d13b396d99f37388cabc0d55cf7ef
java-17-openjdk-demo-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 8b0fbb9a41b9e9c8f85ac4814a32da2ca6af2112457e140fc838beae8d691c39
java-17-openjdk-devel-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: f23f63aad19d671dea87dea0a5299b1134d3ff407d4522c286eae34bbbd864d3
java-17-openjdk-devel-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 6640cbb8ac53880290bd7aab50134a559ae76fe5565da0f5a9bf8e1b6a0480dc
java-17-openjdk-devel-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 4a5746f5bc4a28f9a8fc51e2dd46df9e17eb14b80eef3b70882d429ef43bb4e6
java-17-openjdk-headless-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: c620a56a6c729e4b000e59eb03a8c52d9d5cf5206c7d399ea59526b6b6fe1db7
java-17-openjdk-headless-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: beb80b19a791350ef1ae213dc24fcfcabe517838b73d0108cb0d06b7fdf067f8
java-17-openjdk-headless-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 38392711e49f2a8b688f2ef2b172c4db046db3242733d6d51c394e1d1031e518
java-17-openjdk-jmods-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 799de047546233133f3f540e7587b0634be311f82714f0e0ec4879b92240fa88
java-17-openjdk-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 5c59769c26a2b22ab9e6f0b57556774f8fb74780acfa3aeae9b6fb4b3563e797
java-17-openjdk-slowdebug-debuginfo-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: 60a6ad3b6faff911cba161d5e87dbc0e3aa5c0f0131ec90e176dd1f540ccf51e
java-17-openjdk-src-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: a01c8282ce791a0ba3f2b9e276889e17e9f3485222f3442c5a27b605c333305c
java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-2.el8_4.aarch64.rpm
SHA-256: e7858f2350b4b871fcb73c5257cebad0b69e7b2a332af74c7e742b7c50c69686
Related news
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count limit (...
Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays
Red Hat Security Advisory 2022-8880-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.
Red Hat OpenShift Container Platform release 4.8.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go...
Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.
Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.
Red Hat OpenShift Container Platform release 4.10.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: ...
Red Hat Security Advisory 2022-7051-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7052-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7006-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7009-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7010-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7000-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).