|Category:||CentOS Local Security Checks|
|Title:||CentOS: Security Advisory for java (CESA-2020:4348)|
|Summary:||The remote host is missing an update for the 'java'; package(s) announced via the CESA-2020:4348 advisory.|
The remote host is missing an update for the 'java'
package(s) announced via the CESA-2020:4348 advisory.
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.
* OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI,
* OpenJDK: Certificate blacklist bypass via alternate certificate encodings
(Libraries, 8237995) (CVE-2020-14782)
* OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot,
* OpenJDK: Incomplete check for invalid characters in URI to path
conversion (Libraries, 8242685) (CVE-2020-14797)
* OpenJDK: Race condition in NIO Buffer boundary checks (Libraries,
* OpenJDK: High memory usage during deserialization of Proxy class with
many interfaces (Serialization, 8236862) (CVE-2020-14779)
* OpenJDK: Missing permission check in path to URI conversion (Libraries,
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
'java' package(s) on CentOS 6.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-14779|
Common Vulnerability Exposure (CVE) ID: CVE-2020-14781
Common Vulnerability Exposure (CVE) ID: CVE-2020-14782
Common Vulnerability Exposure (CVE) ID: CVE-2020-14792
Common Vulnerability Exposure (CVE) ID: CVE-2020-14796
Common Vulnerability Exposure (CVE) ID: CVE-2020-14797
Common Vulnerability Exposure (CVE) ID: CVE-2020-14803
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.