7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.002 Low
EPSS
Percentile
59.6%
Class compilation issue. (CVE-2022-21540) Improper restriction of MethodHandle.invokeBasic(). (CVE-2022-21541) Integer truncation issue in Xalan-J. (CVE-2022-34169) Improper MultiByte conversion can lead to buffer overflow. (CVE-2022-21618) Improper handling of long NTLM client hostnames. (CVE-2022-21619) Insufficient randomization of JNDI DNS port numbers. (CVE-2022-21624) Excessive memory allocation in X.509 certificate parsing. (CVE-2022-21626) HttpServer no connection count limit. (CVE-2022-21628) Missing SNI caching in HTTP/2. (CVE-2022-39399)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | java | < 1.8.0-openjdk-1.8.0.352.b08-1.1 | java-1.8.0-openjdk-1.8.0.352.b08-1.1.mga8 |
Mageia | 8 | noarch | java | < 11-openjdk-11.0.17.0.8-1.1 | java-11-openjdk-11.0.17.0.8-1.1.mga8 |
Mageia | 8 | noarch | timezone | < 2022e-1 | timezone-2022e-1.mga8 |
access.redhat.com/errata/RHSA-2022:5683
access.redhat.com/errata/RHSA-2022:5696
access.redhat.com/errata/RHSA-2022:7007
access.redhat.com/errata/RHSA-2022:7013
bugs.mageia.org/show_bug.cgi?id=30753
www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA