#java

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36385: kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free * CVE-2021-43527: nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted GET parameters in requests to login and error handlers

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-35556: OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) * CVE-2021-35559: OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) * CVE-2021-35560: Oracle JDK: unspecified vulnerability fixed in 8u311 (Deployment) * CVE-2021-35564: OpenJDK: Certificates with end dates too far in the future can corrupt k...

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute malicious javascript code on victim's host via crafted HTTP requests

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to store malicious javascript code in the device and trigger it via crafted HTTP requests

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43536: Mozilla: URL leakage when navigating while executing asynchronous function * CVE-2021-43537: Mozilla: Heap buffer overflow when using structured clone * CVE-2021-43538: Mozilla: Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539: Mozilla: GC rooting failure when calling wasm instance methods * CVE-2021-43541: ...

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43536: Mozilla: URL leakage when navigating while executing asynchronous function * CVE-2021-43537: Mozilla: Heap buffer overflow when using structured clone * CVE-2021-43538: Mozilla: Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539: Mozilla: GC rooting failure when calling wasm instance ...

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43536: Mozilla: URL leakage when navigating while executing asynchronous function * CVE-2021-43537: Mozilla: Heap buffer overflow when using structured clone * CVE-2021-43538: Mozilla: Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539: Mozilla: GC rooting failure when calling wasm instance ...

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43536: Mozilla: URL leakage when navigating while executing asynchronous function * CVE-2021-43537: Mozilla: Heap buffer overflow when using structured clone * CVE-2021-43538: Mozilla: Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539: Mozilla: GC rooting failure when calling wasm instance methods * CVE-2021-43541: ...

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43536: Mozilla: URL leakage when navigating while executing asynchronous function * CVE-2021-43537: Mozilla: Heap buffer overflow when using structured clone * CVE-2021-43538: Mozilla: Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539: Mozilla: GC rooting failure when calling wasm...