#java

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: OpenJDK: Unexpected...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: OpenJDK: Unexpected except...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: OpenJDK: Unexpected...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: OpenJDK: Unexpected excepti...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: O...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a Moderate security impact status. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: OpenJDK: Unexpected exc...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-2022-21283: O...

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL * CVE-2022-0185: kernel: fs_context: heap overflow in legacy parameter handling

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) * CVE-2022-21277: OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) * CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) * CVE-202...

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraft_service settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue