exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2022-21549

Status Candidate

Overview

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

Related Files

Gentoo Linux Security Advisory 202401-25
Posted Jan 17, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-34169, CVE-2022-39399, CVE-2022-42920, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843
SHA-256 | 0a4fe242d77ea01ee2a725ae008fbefb532aeaf7181a2f1427c642180897d42f
Red Hat Security Advisory 2022-6040-01
Posted Aug 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6040-01 - Version 1.24.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-40528, CVE-2022-1705, CVE-2022-1962, CVE-2022-1996, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21698, CVE-2022-22576, CVE-2022-24675, CVE-2022-24921, CVE-2022-25313, CVE-2022-25314, CVE-2022-27774
SHA-256 | ed2fc17ea4fea7b280250203da1e4e161fa8403846ac647afd3762bf7b3aada3
Ubuntu Security Notice USN-5546-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 84c887787fbc010de3680aa29d38e80563065655d3f3e4aab5622447751585c1
Ubuntu Security Notice USN-5546-2
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 87c3a989ef7c811d1439e85194a5e4c23b3972fb68b3f204b750638318cec97c
Red Hat Security Advisory 2022-5736-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5736-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | b66cd98c78dd60c3c02ba788ca87f0a5946d2153bacdf3a63a5a2670ad03b049
Red Hat Security Advisory 2022-5757-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5757-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | fbc6977854b35380ab268b6817556c6ff587166034c887f15ad8178f74be7a03
Red Hat Security Advisory 2022-5758-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5758-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | f9d354777dd10a4d576c7f92cad0e774d1b70f6fb7ca65cb496e9dc5f24a4088
Debian Security Advisory 5192-1
Posted Jul 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5192-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

tags | advisory, java, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | c43d3f47904bf1622399c5f254c0b94f22c3a33cfcc6a1dd53dd9f101969be72
Red Hat Security Advisory 2022-5726-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5726-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 6eb27b7dc1c808f4bcad32366c47aa3d773d890869f4e69aed306edaf4b3fbe3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close