KLA11867
Multiple vulnerabilities in Oracle Java SE

Обновлено: 21/07/2020
Дата обнаружения
14/07/2020
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Vulnerability in Hotspot component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to cause denial of service;
  3. Vulnerability in JAXP component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  4. Vulnerability in 2D component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  5. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  6. Vulnerability in JavaFX component of Java SE can be exploited to obtain sensitive information;
  7. Vulnerability in JSSE component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  8. Vulnerability in ImageIO component of Java SE can be exploited to cause denial of service.
Пораженные продукты

Java SE: 7u261, 8u251, 11.0.7, 14.0.1;
Java SE Embedded: 8u251

Решение

Update to the latest version
Download Java

Первичный источник обнаружения
Oracle Critical Patch Update Advisory - July 2020
Оказываемое влияние
?
OSI 
[?]

DoS 
[?]
Связанные продукты
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
Oracle Java JRE 1.10.x
CVE-IDS
CVE-2020-145734.3Warning
CVE-2020-145794.3Warning
CVE-2020-146215.0Critical
CVE-2020-145934.3Warning
CVE-2020-145814.3Warning
CVE-2020-145835.1High
CVE-2020-145784.3Warning
CVE-2020-145565.8High
CVE-2020-146645.1High
CVE-2020-145774.3Warning
CVE-2020-145625.0Critical
Узнай статистику распространения уязвимостей в твоем регионе