Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA12516
Multiple vulnerabilities in Oracle Java SE and GraalVM

Обновлено: 29/09/2023
Дата обнаружения
 19/04/2022
Уровень угрозы
 High
Описание

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability can be exploited to execute arbitrary code.
  2. A remote code execution vulnerability can be exploited to execute arbitrary code and denial of service.
  3. A remote code execution vulnerability can be exploited to execute arbitrary code and obtain sensitive information.
  4. Denial of service vulnerability can be exploited to cause denial of service.
  5. An elevation of privilege vulnerability can be exploited remotely to gain privileges.
Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Пораженные продукты

Oracle GraalVM Enterprise Edition 20.3.5, 21.3.1, 22.0.0.2
Oracle Java SE 7u331, 8u321, 11.0.14, 17.02, 18
Решение

Update to the latest version
Download Java
Первичный источник обнаружения
 Oracle Critical Patch Update Advisory - April 2022
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
 Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
CVE-IDS
CVE-2022-214965.0Warning
CVE-2022-214265.0Warning
CVE-2022-214765.0Warning
CVE-2022-214434.3Warning
CVE-2022-214495.0Warning
CVE-2022-214345.0Warning
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up