Multiple vulnerabilities in Oracle Java SE and GraalVM

Descripción

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Information disclosure vulnerability can be exploited to obtain sensitive information.
2. RCE vulnerability in Java XSLTcan be exploited to cause denial of service or execute arbitrary code.
3. Security vulnerability can be exploited to bypass security restrictions.

Notas informativas originales

• Oracle Critical Patch Update Advisory – July 2022

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Oracle-Java-JRE-1.7.x
• Oracle-Java-JRE-1.8.x

Lista CVE

• CVE-2022-21540
  high
• CVE-2022-34169
  critical
• CVE-2022-21549
  high
• CVE-2022-21541
  high

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com