KLA11867
Multiple vulnerabilities in Oracle Java SE

Updated: 07/21/2020
Detect date
?
07/14/2020
Severity
?
High
Description

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Vulnerability in Hotspot component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to cause denial of service;
  3. Vulnerability in JAXP component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  4. Vulnerability in 2D component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  5. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  6. Vulnerability in JavaFX component of Java SE can be exploited to obtain sensitive information;
  7. Vulnerability in JSSE component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  8. Vulnerability in ImageIO component of Java SE can be exploited to cause denial of service.
Affected products

Java SE: 7u261, 8u251, 11.0.7, 14.0.1;
Java SE Embedded: 8u251

Solution

Update to the latest version
Download Java

Original advisories

Oracle Critical Patch Update Advisory – July 2020

Impacts
?
OSI 
[?]

DoS 
[?]
Related products
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
Oracle Java JRE 1.10.x
CVE-IDS
?
CVE-2020-145734.3Warning
CVE-2020-145794.3Warning
CVE-2020-146215.0Critical
CVE-2020-145934.3Warning
CVE-2020-145814.3Warning
CVE-2020-145835.1High
CVE-2020-145784.3Warning
CVE-2020-145565.8High
CVE-2020-146645.1High
CVE-2020-145774.3Warning
CVE-2020-145625.0Critical
Find out the statistics of the vulnerabilities spreading in your region