CVE-2016-0695

Опубликовано: 19 апр. 2016

Источник: redhat

CVSS2: 2.6

EPSS Низкий

Описание

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1328022OpenJDK: insufficient DSA key parameters checks (Security, 8138593)

EPSS

Процентиль: 83%

0.02034

Низкий

2.6 Low

CVSS2

Связанные уязвимости

CVE-2016-0695

CVSS3: 5.9

ubuntu

больше 9 лет назад

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

CVE-2016-0695

CVSS3: 5.9

nvd

больше 9 лет назад

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

CVE-2016-0695

CVSS3: 5.9

debian

больше 9 лет назад

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Jav ...

GHSA-5mrp-958f-q2c7

CVSS3: 5.9

github

больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

openSUSE-SU-2016:1265-1

suse-cvrf

больше 9 лет назад

Security update for java-1_7_0-openjdk

EPSS

Процентиль: 83%

0.02034

Низкий

2.6 Low

CVSS2