rhsa-2022_0209
Vulnerability from csaf_redhat
Published
2022-01-24 09:45
Modified
2024-11-06 00:21
Summary
Red Hat Security Advisory: java-11-openjdk security update
Notes
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248)
* OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) (CVE-2022-21277)
* OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282)
* OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283)
* OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386) (CVE-2022-21291)
* OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293)
* OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294)
* OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296)
* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)
* OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305)
* OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340)
* OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341)
* OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360)
* OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365)
* OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096) (CVE-2022-21366)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248)\n\n* OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) (CVE-2022-21277)\n\n* OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282)\n\n* OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283)\n\n* OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386) (CVE-2022-21291)\n\n* OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293)\n\n* OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294)\n\n* OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296)\n\n* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)\n\n* OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305)\n\n* OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340)\n\n* OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341)\n\n* OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360)\n\n* OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365)\n\n* OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096) (CVE-2022-21366)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0209",
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2041400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400"
},
{
"category": "external",
"summary": "2041417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417"
},
{
"category": "external",
"summary": "2041427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427"
},
{
"category": "external",
"summary": "2041435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435"
},
{
"category": "external",
"summary": "2041439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439"
},
{
"category": "external",
"summary": "2041472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472"
},
{
"category": "external",
"summary": "2041479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479"
},
{
"category": "external",
"summary": "2041491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491"
},
{
"category": "external",
"summary": "2041785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785"
},
{
"category": "external",
"summary": "2041789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789"
},
{
"category": "external",
"summary": "2041801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801"
},
{
"category": "external",
"summary": "2041831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831"
},
{
"category": "external",
"summary": "2041878",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878"
},
{
"category": "external",
"summary": "2041884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884"
},
{
"category": "external",
"summary": "2041897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0209.json"
}
],
"title": "Red Hat Security Advisory: java-11-openjdk security update",
"tracking": {
"current_release_date": "2024-11-06T00:21:21+00:00",
"generator": {
"date": "2024-11-06T00:21:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2022:0209",
"initial_release_date": "2022-01-24T09:45:54+00:00",
"revision_history": [
{
"date": "2022-01-24T09:45:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-24T09:45:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T00:21:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"product": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"product_id": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.14.0.9-1.el8_2?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-static-libs@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-static-libs@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-static-libs@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-static-libs@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.14.0.9-1.el8_2?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src"
},
"product_reference": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64"
},
"product_reference": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le"
},
"product_reference": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x"
},
"product_reference": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
},
"product_reference": "java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21248",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041801"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21248"
},
{
"category": "external",
"summary": "RHBZ#2041801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21248"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)"
},
{
"cve": "CVE-2022-21277",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041479"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21277"
},
{
"category": "external",
"summary": "RHBZ#2041479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21277"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952)"
},
{
"cve": "CVE-2022-21282",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21282"
},
{
"category": "external",
"summary": "RHBZ#2041435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21282"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)"
},
{
"cve": "CVE-2022-21283",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041400"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21283"
},
{
"category": "external",
"summary": "RHBZ#2041400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21283"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813)"
},
{
"cve": "CVE-2022-21291",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041831"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21291"
},
{
"category": "external",
"summary": "RHBZ#2041831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21291"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)"
},
{
"cve": "CVE-2022-21293",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041417"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21293"
},
{
"category": "external",
"summary": "RHBZ#2041417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21293"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)"
},
{
"cve": "CVE-2022-21294",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041427"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21294"
},
{
"category": "external",
"summary": "RHBZ#2041427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21294"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)"
},
{
"cve": "CVE-2022-21296",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041439"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21296"
},
{
"category": "external",
"summary": "RHBZ#2041439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21296"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)"
},
{
"cve": "CVE-2022-21299",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041472"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21299"
},
{
"category": "external",
"summary": "RHBZ#2041472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21299"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646)"
},
{
"cve": "CVE-2022-21305",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041878"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21305"
},
{
"category": "external",
"summary": "RHBZ#2041878",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21305"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)"
},
{
"cve": "CVE-2022-21340",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041884"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21340"
},
{
"category": "external",
"summary": "RHBZ#2041884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21340"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)"
},
{
"cve": "CVE-2022-21341",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041897"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21341"
},
{
"category": "external",
"summary": "RHBZ#2041897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21341"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)"
},
{
"cve": "CVE-2022-21360",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041491"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21360"
},
{
"category": "external",
"summary": "RHBZ#2041491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21360"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)"
},
{
"cve": "CVE-2022-21365",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041785"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21365"
},
{
"category": "external",
"summary": "RHBZ#2041785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21365",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21365"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)"
},
{
"cve": "CVE-2022-21366",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041789"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21366"
},
{
"category": "external",
"summary": "RHBZ#2041789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21366"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-24T09:45:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.src",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-debugsource-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-demo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-javadoc-zip-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-jmods-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-slowdebug-debuginfo-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-src-1:11.0.14.0.9-1.el8_2.x86_64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.aarch64",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.s390x",
"AppStream-8.2.0.Z.EUS:java-11-openjdk-static-libs-1:11.0.14.0.9-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.