Red Hat Security Advisory 2017-3453-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
5cdbf5273d807c44144081264433f64aca62c27845caebf77dc83aeda8dbc521
Red Hat Security Advisory 2017-3267-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1cbdf57cadd1e25962575914fcbe68c5198cbbf91b9a933acd1c4fc9b599ac7d
Red Hat Security Advisory 2017-3264-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
b9201431909936ea9fd97a7fcd50d51c4350b43fe1f82c552c0ae26c8fd37e75
Oracle Java SE installs a protocol handler in the registry as "HKEY_CLASSES_ROOT\jnlp\Shell\Open\Command\Default" 'C:\Program Files\Java\jre1.8.0_131\bin\jp2launcher.exe" -securejws "%1"'. This can allow allow an attacker to launch remote jnlp files with little user interaction. A malicious jnlp file containing a crafted XML XXE attack can be leveraged to disclose files, cause a denial of service or trigger SSRF. Versions v8u131 and below are affected.
95eeae9eabde4f8ff4be6539a758b833f6a5e74bc86b983863634a6eabcb0b56
Gentoo Linux Security Advisory 201710-31 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites, the worst of which can be remotely exploited without authentication. Versions less than 1.8.0.152-r1 are affected.
2cf0328599c61e8d96a0c7644ff739c1e26ca5c16e25a38caa81567f6536847e
Red Hat Security Advisory 2017-2999-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
5a4ce654a7f1a56a3e0c28d38c35a7bd07a67e4a9e13e00e1109d326f55215e6