Lucene search

K

Veracode Vulnerability DatabaseVERACODE:22309

HistoryJan 17, 2020 - 1:47 a.m.

Arbitrary Code Execution

2020-01-1701:47:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

21

EPSS

0.003

Percentile

68.1%

openjdk is vulnerable to arbitrary code execution. Successful exploitation of the insecure serialization filter changes via jdk.serialFilter property modification results in a complete takeover of the application.

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html

lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html

access.redhat.com/errata/RHSA-2020:0122

access.redhat.com/errata/RHSA-2020:0128

access.redhat.com/errata/RHSA-2020:0157

access.redhat.com/errata/RHSA-2020:0196

access.redhat.com/errata/RHSA-2020:0202

access.redhat.com/errata/RHSA-2020:0231

access.redhat.com/errata/RHSA-2020:0232

access.redhat.com/errata/RHSA-2020:0465

access.redhat.com/errata/RHSA-2020:0467

access.redhat.com/errata/RHSA-2020:0468

access.redhat.com/errata/RHSA-2020:0469

access.redhat.com/errata/RHSA-2020:0470

access.redhat.com/errata/RHSA-2020:0541

access.redhat.com/errata/RHSA-2020:0632

access.redhat.com/security/updates/classification/#important

kc.mcafee.com/corporate/index?page=content&id=SB10315

lists.debian.org/debian-lts-announce/2020/02/msg00034.html

seclists.org/bugtraq/2020/Feb/22

seclists.org/bugtraq/2020/Jan/24

security.gentoo.org/glsa/202101-19

security.netapp.com/advisory/ntap-20200122-0003/

usn.ubuntu.com/4257-1/

www.debian.org/security/2020/dsa-4605

www.debian.org/security/2020/dsa-4621

www.oracle.com/security-alerts/cpujan2020.html

www.oracle.com/security-alerts/cpujul2021.html

EPSS

0.003

Percentile

68.1%

Related for VERACODE:22309

debiancve1 redhatcve1 osv4 cve1 symantec1 cvelist1 prion1 vulnrichment1 ubuntucve1 alpinelinux1 ibm49 nvd1 f51 nessus66 openvas28 redhat15 centos5 amazon5 suse2 debian3 oraclelinux7 mageia1 ubuntu1 kaspersky1 gentoo1