Red Hat Security Advisory 2024-4567-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an out of bounds access vulnerability.
Red Hat Security Advisory 2024-4564-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include an out of bounds access vulnerability.
Red Hat Security Advisory 2024-4560-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include an out of bounds access vulnerability.
Red Hat Security Advisory 2024-4568-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an out of bounds access vulnerability.
Red Hat Security Advisory 2024-4563-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an out of bounds access vulnerability.
Red Hat Security Advisory 2024-4573-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an out of bounds access vulnerability.
GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System (GIS) databases, web-based data, and personal datasets. In GeoServer versions before 2.23.6, versions greater than or equal to 2.24.0 and before 2.24.4, and versions greater than or equal to 2.25.0 and before 2.25.1, multiple OGC request parameters allow remote code execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. An attacker can abuse this by sending a POST request with a malicious XPath expression to execute arbitrary commands as root on the system.
Red Hat Security Advisory 2024-4160-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4081-03 - An update for the quarkus-mandrel-java and quarkus-mandrel-23 packages is now available for the Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4079-03 - An update for the quarkus-mandrel-java and quarkus-mandrel-231 packages is now available for the Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1482-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Security Advisory 2024-1481-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Security Advisory 2024-3685-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in remote code execution in the context of the user running Apache Solr. When Apache Solr creates a Collection, it will use a specific directory as the classpath and load some classes from it. The backup function of the Collection can export malicious class files uploaded by attackers to the directory, allowing Solr to load custom classes and create arbitrary Java code. Execution can further bypass the Java sandbox configured by Solr, ultimately causing arbitrary command execution.
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
Red Hat Security Advisory 2024-1828-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2024-1822-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2024-1821-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2024-1818-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.
Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java-based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients, which can cause a denial of service.
Red Hat Security Advisory 2024-1825-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2024-1817-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.
Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.
Ubuntu Security Notice 6662-1 - Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.