Multiple vulnerabilities in Oracle Java SE and GraalVM

Описание

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability can be exploited to execute arbitrary code.
2. A remote code execution vulnerability can be exploited to execute arbitrary code and denial of service.
3. A remote code execution vulnerability can be exploited to execute arbitrary code and obtain sensitive information.
4. Denial of service vulnerability can be exploited to cause denial of service.
5. An elevation of privilege vulnerability can be exploited remotely to gain privileges.

Первичный источник обнаружения

• Oracle Critical Patch Update Advisory - April 2022
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Oracle-Java-JRE-1.7.x
• Oracle-Java-JRE-1.8.x

Список CVE

• CVE-2022-21496
  warning
• CVE-2022-21426
  warning
• CVE-2022-21476
  warning
• CVE-2022-21443
  warning
• CVE-2022-21449
  warning
• CVE-2022-21434
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com