Oracle

Graalvm

176 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2022-21443

  • EPSS 0.06%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:42

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...

7.4

CVE-2021-44531

  • EPSS 0.08%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:10

Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting U...

5.3

CVE-2021-44532

Exploit
  • EPSS 0.12%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:10

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an inje...

5.3

CVE-2021-44533

Exploit
  • EPSS 0.32%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:10

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a m...

5

CVE-2022-21349

  • EPSS 0.06%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:28

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily expl...

5

CVE-2022-21360

  • EPSS 0.11%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:30

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...

5

CVE-2022-21365

  • EPSS 0.11%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:31

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...

5

CVE-2022-21366

  • EPSS 0.14%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:31

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Eas...

5

CVE-2022-21340

  • EPSS 6.46%
  • Veröffentlicht 19.01.2022 12:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:27

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4...

5

CVE-2022-21341

  • EPSS 0.11%
  • Veröffentlicht 19.01.2022 12:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:27

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20...