- EPSS 3.2%
- Veröffentlicht 19.04.2022 21:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:40
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5,...
- EPSS 2.54%
- Veröffentlicht 19.04.2022 21:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:41
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...
CVE-2022-21443
- EPSS 2.71%
- Veröffentlicht 19.04.2022 21:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:42
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...
CVE-2021-44531
- EPSS 8.37%
- Veröffentlicht 24.02.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:31:10
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting U...
CVE-2021-44532
- EPSS 10.36%
- Veröffentlicht 24.02.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:31:10
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an inje...
CVE-2021-44533
- EPSS 9.36%
- Veröffentlicht 24.02.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:31:10
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a m...
- EPSS 3.31%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:28
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily expl...
- EPSS 3.49%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 27.05.2026 15:16:20
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...
- EPSS 3.49%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:31
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...
- EPSS 3.22%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 27.05.2026 15:16:21
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Eas...