Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240820-05
HistoryAug 20, 2024 - 12:00 a.m.

ROS-20240820-05

2024-08-2000:00:00
redos.red-soft.ru
6
javafx
oracle
graalvm
input validation
remote attacker
data compromise
confidentiality
information security

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

6.5

Confidence

Low

JSON

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation.
Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could
allow an attacker to gain access to read, modify, or delete data

A vulnerability in the JavaFX component of Oracle Java SE software platform and Oracle GraalVM virtual machine
Enterprise Edition exists due to insufficient input data validation. Exploitation of the vulnerability could
Allow a remote attacker to compromise the integrity of protected information

A vulnerability in the JavaFX component of the Oracle Java SE software platform and Oracle GraalVM virtual machine exists due to insufficient input validation.
Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could
Allow a remote attacker to gain access to confidential information

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64java-1.8.0-openjdk< 1.8.0.402.b06-1UNKNOWN

Related

openvas 2
f5 2
nessus 9
debiancve 3
ubuntucve 3
prion 3
vulnrichment 2
amazon 2
cve 3
cvelist 3
nvd 3
osv 1
github 1
kaspersky 1
oracle 2
openvas
openvas
Oracle Java SE Security Update (jan2024) 04 - Linux
2024-01-17 00:00:00
Oracle Java SE Security Update (jan2024) 04 - Windows
2024-01-17 00:00:00
f5
f5
K000138462 : Oracle Java vulnerabilities CVE-2024-20922, CVE-2024-20923
2024-02-02 00:00:00
K000138850 : OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955
2024-03-07 00:00:00
nessus
nessus
Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2024-485)
2024-01-18 00:00:00
Amazon Linux 2 : java-17-amazon-corretto (ALAS-2024-2415)
2024-01-18 00:00:00
Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2024-483)
2024-01-18 00:00:00
debiancve
debiancve
CVE-2024-20923
2024-02-17 02:15:47
CVE-2024-20925
2024-02-17 02:15:47
CVE-2024-20922
2024-01-16 22:15:39
ubuntucve
ubuntucve
CVE-2024-20925
2024-02-17 00:00:00
CVE-2024-20922
2024-01-16 00:00:00
CVE-2024-20923
2024-02-17 00:00:00
prion
prion
Buffer overflow
2024-02-17 02:15:00
Buffer overflow
2024-01-16 22:15:00
Buffer overflow
2024-02-17 02:15:00
vulnrichment
vulnrichment
CVE-2024-20925
2024-02-17 01:50:11
CVE-2024-20923
2024-02-17 01:50:11
amazon
amazon
Important: java-17-amazon-corretto
2024-01-17 00:55:00
Important: java-11-amazon-corretto
2024-01-17 00:55:00
cve
cve
CVE-2024-20923
2024-02-17 02:15:47
CVE-2024-20925
2024-02-17 02:15:47
CVE-2024-20922
2024-01-16 22:15:39
cvelist
cvelist
CVE-2024-20922
2024-01-16 21:41:15
CVE-2024-20925
2024-02-17 01:50:11
CVE-2024-20923
2024-02-17 01:50:11
nvd
nvd
CVE-2024-20922
2024-01-16 22:15:39
CVE-2024-20925
2024-02-17 02:15:47
CVE-2024-20923
2024-02-17 02:15:47
osv
osv
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
2024-02-17 03:30:29
github
github
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
2024-02-17 03:30:29
kaspersky
kaspersky
KLA63108 Multiple vulnerabilities in Oracle Java SE and GraalVM
2024-01-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

6.5

Confidence

Low

JSON
Related for ROS-20240820-05
openvas2f52nessus9debiancve3ubuntucve3prion3vulnrichment2amazon2cve3cvelist3nvd3osv1github1kaspersky1oracle2