Oracle

Graalvm

173 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2022-21294

  • EPSS 0.22%
  • Published 19.01.2022 12:15:12
  • Last modified 21.11.2024 06:44:20

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4...

5

CVE-2022-21296

  • EPSS 0.26%
  • Published 19.01.2022 12:15:12
  • Last modified 21.11.2024 06:44:20

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and ...

5

CVE-2022-21299

  • EPSS 0.1%
  • Published 19.01.2022 12:15:12
  • Last modified 21.11.2024 06:44:21

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and ...

5

CVE-2022-21271

  • EPSS 0.45%
  • Published 19.01.2022 12:15:11
  • Last modified 21.11.2024 06:44:15

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21....

5

CVE-2022-21277

  • EPSS 0.14%
  • Published 19.01.2022 12:15:11
  • Last modified 21.11.2024 06:44:16

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Eas...

5

CVE-2022-21282

  • EPSS 0.26%
  • Published 19.01.2022 12:15:11
  • Last modified 21.11.2024 06:44:17

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and ...

5

CVE-2022-21283

  • EPSS 0.19%
  • Published 19.01.2022 12:15:11
  • Last modified 21.11.2024 06:44:17

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. E...

4.3

CVE-2022-21248

  • EPSS 0.12%
  • Published 19.01.2022 12:15:10
  • Last modified 21.11.2024 06:44:11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20...

6.5

CVE-2021-22959

Exploit
  • EPSS 0.21%
  • Published 15.11.2021 15:15:06
  • Last modified 21.11.2024 05:51:01

The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS) in llhttp < v2.1.4 and < v6.0.6.

6.5

CVE-2021-22960

Exploit
  • EPSS 0.18%
  • Published 03.11.2021 20:15:08
  • Last modified 21.11.2024 05:51:01

The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.