Veracode Vulnerability DatabaseVERACODE:20906Side-channel Attack
0.002 Low
EPSS
Percentile
53.5%
openjdk is vulnerable to side-channel attack. An unknown difficult to exploit vulnerability allows an unauthenticated attacker with access to gain unauthorizaed access to critical system resources due to security risks arising from using deprecated functions within Elliptic Curve (EC) cryptography.
References
lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html
www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
access.redhat.com/errata/RHSA-2019:1811
access.redhat.com/security/updates/classification/#moderate
kc.mcafee.com/corporate/index?page=content&id=SB10300
lists.debian.org/debian-lts-announce/2019/08/msg00020.html
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us
usn.ubuntu.com/4080-1/
Related
