Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2023:5298-1 Important: python-3_9_0 Network Vulnerabilities Patch

suse
Calendar Grey November 29, 2022
Dist Suse Esm H88
SUSE releases a security patch for java-1_8_0-ibm addressing multiple vulnerabilities, classified as moderate in severity.
An update that solves 6 vulnerabilities and has one errata is now available

Summary

This update for java-1_8_0-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204471). - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204468). - CVE-2022-21619: An unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE (bsc#1204473). - CVE-2022-21628: An unauthenticated attacker with network access via HTTP can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204472). - CVE-2022-21624: An unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM

Topics%20covered

Topics Covered

security advisory moderate software patch SUSE Java update SUSE Linux Enterprise network weaknesses

References

#1204468 #1204471 #1204472 #1204473 #1204475

#1204480 #1205302

Cross- CVE-2022-21618 CVE-2022-21619 CVE-2022-21624

CVE-2022-21626 CVE-2022-21628 CVE-2022-39399

CVSS scores:

CVE-2022-21618 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21618 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-21626 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-21626 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:4290-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate software patch SUSE Java update SUSE Linux Enterprise network weaknesses

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here