Test ID:	1.3.6.1.4.1.25623.1.0.821189
Category:	General
Title:	Oracle Java SE Security Update (jul2022) - Windows
Summary:	Oracle Java SE is prone to multiple; vulnerabilities.
Description:	Summary: Oracle Java SE is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to unspecified errors in 'Libraries', 'JAXP' and 'Hotspot' components. Vulnerability Impact: Successful exploitation will allow remote attacker to have an impact on confidentiality, integrity and availability. Affected Software/OS: Oracle Java SE version 7u343 (1.7.0.343) and earlier, 8u333 (1.8.0.333) and earlier, 11.x through 11.0.15.1, 17.x through 17.0.3.1, 18.x through 18.0.1.1 on Windows. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-34169 https://security.gentoo.org/glsa/202401-25 DSA-5188 https://www.debian.org/security/2022/dsa-5188 DSA-5192 https://www.debian.org/security/2022/dsa-5192 DSA-5256 https://www.debian.org/security/2022/dsa-5256 FEDORA-2022-19b6f21746 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/ FEDORA-2022-80afe2304a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/ FEDORA-2022-ae563934f7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/ FEDORA-2022-b76ab52e73 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/ FEDORA-2022-d26586b419 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/ FEDORA-2022-e573851f56 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/ [debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html [oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets http://www.openwall.com/lists/oss-security/2022/07/19/5 [oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets http://www.openwall.com/lists/oss-security/2022/07/19/6 http://www.openwall.com/lists/oss-security/2022/07/20/2 [oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets http://www.openwall.com/lists/oss-security/2022/07/20/3 [oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets http://www.openwall.com/lists/oss-security/2022/10/18/2 [oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing http://www.openwall.com/lists/oss-security/2022/11/04/8 [oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing http://www.openwall.com/lists/oss-security/2022/11/07/2 http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8 https://security.netapp.com/advisory/ntap-20220729-0009/ https://www.oracle.com/security-alerts/cpujul2022.html Common Vulnerability Exposure (CVE) ID: CVE-2022-21541 Debian Security Information: DSA-5188 (Google Search) Debian Security Information: DSA-5192 (Google Search) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/ Common Vulnerability Exposure (CVE) ID: CVE-2022-21540 Common Vulnerability Exposure (CVE) ID: CVE-2022-21549 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQICCJXXAYMCCXOO24R4W7Q3RSKCYDMX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKJCLA2GDNF4B7ZRKORQ2TIR56AHJ4VC/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.