NotCVE - vendor:"Oracle" product:"Graalvm" version:"22.3.0"

Page 3 of 23 results (0.002 seconds)

CVSS: 3.7EPSS: 0%CPEs: 19EXPL: 0

CVE-2023-21843 – OpenJDK: soundbank URL remote loading (Sound, 8293742)

https://notcve.org/view.php?id=CVE-2023-21843

17 Jan 2023 — Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in un... • https://security.gentoo.org/glsa/202401-25 • CWE-646: Reliance on File Name or Extension of Externally-Supplied File •

CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0

CVE-2023-21835 – OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)

https://notcve.org/view.php?id=CVE-2023-21835

17 Jan 2023 — Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partia... • https://security.gentoo.org/glsa/202401-25 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0

CVE-2023-21830 – OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)

https://notcve.org/view.php?id=CVE-2023-21830

17 Jan 2023 — Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert o... • https://security.gentoo.org/glsa/202401-25 • CWE-502: Deserialization of Untrusted Data •

1 2 3