7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.3%
The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. (CVE-2024-20918) RSA padding issue and timing side-channel attack against TLS. (CVE-2024-20952) Arbitrary Java code execution in Nashorn. (CVE-2024-20926) JVM class file verifier flaw allows unverified bytecode execution. (CVE-2024-20919) Range check loop optimization issue. (CVE-2024-20921) Logging of digital signature private keys. (CVE-2024-20945)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | java | < 11-openjdk-11.0.22.0.7-1 | java-11-openjdk-11.0.22.0.7-1.mga9 |
Mageia | 9 | noarch | java | < 1.8.0-openjdk-1.8.0.402.b06-1 | java-1.8.0-openjdk-1.8.0.402.b06-1.mga9 |
Mageia | 9 | noarch | java-latest-openjdk | < 21.0.2.0.13-1.rolling.1 | java-latest-openjdk-21.0.2.0.13-1.rolling.1.mga9 |
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.3%