oracle java SE is vulnerable to unauthenticated access vulnerability. This exists due to not validating the length of the object identifier read from the DER input in Libraries component of OpenJDK before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.
rhn.redhat.com/errata/RHSA-2017-0175.html
rhn.redhat.com/errata/RHSA-2017-0176.html
rhn.redhat.com/errata/RHSA-2017-0180.html
rhn.redhat.com/errata/RHSA-2017-0263.html
rhn.redhat.com/errata/RHSA-2017-0269.html
rhn.redhat.com/errata/RHSA-2017-0336.html
rhn.redhat.com/errata/RHSA-2017-0337.html
www.debian.org/security/2017/dsa-3782
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
www.securityfocus.com/bid/95521
www.securitytracker.com/id/1037637
access.redhat.com/errata/RHSA-2017:0180
access.redhat.com/errata/RHSA-2017:1216
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1369383
security.gentoo.org/glsa/201701-65
security.gentoo.org/glsa/201707-01
security.netapp.com/advisory/ntap-20170119-0001/