Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-22081

Опубликовано: 17 окт. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.3

Описание

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v...

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

ignored

superseded by openjdk-17
focal

ignored

end of standard support, was ignored [superseded by openjdk-17]
jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

ignored

superseded by openjdk-17
focal

ignored

end of standard support, was ignored [superseded by openjdk-17]
jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

17.0.9+9-2
esm-apps/bionic

released

17.0.9+9-1~18.04
esm-apps/focal

released

17.0.9+9-1~20.04
esm-apps/jammy

released

17.0.9+9-1~22.04
focal

released

17.0.9+9-1~20.04
jammy

released

17.0.9+9-1~22.04
lunar

released

17.0.9+9-1~23.04
mantic

released

17.0.9+9-1~23.10
noble

not-affected

17.0.9+9-2

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by openjdk-19
lunar

ignored

superseded by openjdk-19
mantic

DNE

noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

no longer supported by upstream
lunar

ignored

superseded by openjdk-20
mantic

ignored

end of life, was ignored [superseded by openjdk-20]
noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

lunar

ignored

superseded by openjdk-21
mantic

ignored

end of life, was ignored [superseded by openjdk-21]
noble

DNE

oracular

DNE

plucky

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

21.0.1+12-2
esm-apps/focal

not-affected

21.0.1+12-1
esm-apps/jammy

released

21.0.1+12-2~22.04
focal

not-affected

21.0.1+12-1
jammy

released

21.0.1+12-2~22.04
lunar

released

21.0.1+12-2~23.04
mantic

released

21.0.1+12-2~23.10
noble

not-affected

21.0.1+12-2
oracular

not-affected

21.0.1+12-2

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

lunar

DNE

mantic

ignored

end of life, was needed
oracular

ignored

end of life, was needs-triage
plucky

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

8u392-ga-1
esm-apps/bionic

released

8u392-ga-1~18.04
esm-apps/focal

released

8u392-ga-1~20.04
esm-apps/jammy

released

8u392-ga-1~22.04
esm-apps/noble

not-affected

8u392-ga-1
esm-infra/xenial

released

8u392-ga-1~16.04
focal

released

8u392-ga-1~20.04
jammy

released

8u392-ga-1~22.04
lunar

released

8u392-ga-1~23.04

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/xenial

ignored

no longer supported by upstream
esm-infra/focal

DNE

focal

DNE

jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

11.0.21+9-0ubuntu1
esm-apps/noble

not-affected

11.0.21+9-0ubuntu1
esm-infra/bionic

released

11.0.21+9-0ubuntu1~18.04
esm-infra/focal

not-affected

11.0.21+9-0ubuntu1~20.04
focal

released

11.0.21+9-0ubuntu1~20.04
jammy

released

11.0.21+9-0ubuntu1~22.04
lunar

released

11.0.21+9-0ubuntu1~23.04
mantic

released

11.0.21+9-0ubuntu1~23.10
noble

not-affected

11.0.21+9-0ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 21%
0.00067
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-22081

CVSS3: 5.3
redhat
почти 2 года назад

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Thi...

nvd логотип

CVE-2023-22081

CVSS3: 5.3
nvd
почти 2 года назад

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v

debian логотип

CVE-2023-22081

CVSS3: 5.3
debian
почти 2 года назад

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...

suse-cvrf логотип

SUSE-SU-2023:4198-1

suse-cvrf
почти 2 года назад

Security update for java-11-openjdk

suse-cvrf логотип

SUSE-SU-2023:4152-1

suse-cvrf
почти 2 года назад

Security update for java-11-openjdk

EPSS

Процентиль: 21%
0.00067
Низкий

5.3 Medium

CVSS3