Multiple vulnerabilities in Oracle Java SE and GraalVM

Descrição

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Code execution vulnerability in Networking can be exploited to execute arbitrary code.
2. Denial of service vulnerability in 2D (Harfbuzz) can be exploited to cause denial of service.
3. Information disclosure vulnerability in Hotspot can be exploited to obtain sensitive information.
4. Code execution vulnerability in JavaFX can be exploited to execute arbitrary code.
5. Code execution vulnerability in Libraries can be exploited to execute arbitrary code.
6. Denial of service vulnerability in Utility can be exploited to cause denial of service.

Comunicados originais

• Oracle Critical Patch Update Advisory – July 2023

Produtos relacionados

• Oracle-Java-JRE-1.7.x
• Oracle-Java-JRE-1.8.x

Lista de CVE

• CVE-2023-25193
  critical
• CVE-2023-22006
  warning
• CVE-2023-22041
  high
• CVE-2023-22044
  warning
• CVE-2023-22043
  high
• CVE-2023-22049
  warning
• CVE-2023-22045
  warning
• CVE-2023-22036
  warning

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com