KLA11867
Multiple vulnerabilities in Oracle Java SE
Updated: 07/21/2020
Detect date
?
07/14/2020
Severity
?
High
Description

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Vulnerability in Hotspot component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to cause denial of service;
  3. Vulnerability in JAXP component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  4. Vulnerability in 2D component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  5. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  6. Vulnerability in JavaFX component of Java SE can be exploited to obtain sensitive information;
  7. Vulnerability in JSSE component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  8. Vulnerability in ImageIO component of Java SE can be exploited to cause denial of service.
Affected products

Java SE: 7u261, 8u251, 11.0.7, 14.0.1;
Java SE Embedded: 8u251

Solution

Update to the latest version
Download Java

Original advisories

Oracle Critical Patch Update Advisory – July 2020

Impacts
?
OSI 
[?]

DoS 
[?]
Related products
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
Oracle Java JRE 1.10.x
CVE-IDS
?
CVE-2020-145730.0Unknown
CVE-2020-145790.0Unknown
CVE-2020-146210.0Unknown
CVE-2020-145930.0Unknown
CVE-2020-145810.0Unknown
CVE-2020-145830.0Unknown
CVE-2020-145780.0Unknown
CVE-2020-145560.0Unknown
CVE-2020-146640.0Unknown
CVE-2020-145770.0Unknown
CVE-2020-145620.0Unknown