Log

CVE-2021-21639 edited at 21 Apr 2021 12:30:11
Severity
- Low
+ Medium
Remote
- Local
+ Remote
References
https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721
- https://nvd.nist.gov/vuln/detail/CVE-2021-21639
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21639
https://www.openwall.com/lists/oss-security/2021/04/07/2
AVG-1781 edited at 21 Apr 2021 12:28:58
Advisory qualified
- Yes
+ No
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21640
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21641
- https://nvd.nist.gov/vuln/detail/CVE-2021-21624
- https://nvd.nist.gov/vuln/detail/CVE-2021-21639
- https://nvd.nist.gov/vuln/detail/CVE-2021-21640
- https://www.jenkins.io/security/advisory/2021-04-07/
- https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871
- https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293
AVG-1742 edited at 21 Apr 2021 12:21:49
Affected
- 0.8+15+ge8a3dd0-3
+ 0.8+20+gd1e71b3-1
CVE-2021-2163 edited at 21 Apr 2021 12:18:03
References
https://www.oracle.com/security-alerts/cpuapr2021verbose.html#JAVA
+ https://www.oracle.com/java/technologies/javase/16-0-1-relnotes.html
+ https://www.oracle.com/java/technologies/javase/11-0-11-relnotes.html
+ https://www.oracle.com/java/technologies/javase/8u291-relnotes.html
+ https://www.oracle.com/java/technologies/javase/7-support-relnotes.html#R170_301
CVE-2021-2161 edited at 21 Apr 2021 12:17:39
References
https://www.oracle.com/security-alerts/cpuapr2021verbose.html#JAVA
+ https://www.oracle.com/java/technologies/javase/16-0-1-relnotes.html
+ https://www.oracle.com/java/technologies/javase/11-0-11-relnotes.html
+ https://www.oracle.com/java/technologies/javase/8u291-relnotes.html
+ https://www.oracle.com/java/technologies/javase/7-support-relnotes.html#R170_301
AVG-1849 edited at 21 Apr 2021 12:14:34
Status
- Fixed
+ Vulnerable
Affected
- 8.u275-1
+ 8.u282-1
Fixed
- 8.u282-1
Advisory qualified
- No
+ Yes
AVG-1850 created at 21 Apr 2021 12:10:28
Packages
+ jdk7-openjdk
+ jre7-openjdk
+ jre7-openjdk-headless
Issues
+ CVE-2021-2161
+ CVE-2021-2163
Status
+ Vulnerable
Severity
+ Medium
Affected
+ 7.u261_2.6.22-1
Fixed
Ticket
Advisory qualified
+ Yes
References
Notes
AVG-1849 created at 21 Apr 2021 12:09:53
Packages
+ jdk8-openjdk
+ jre8-openjdk
+ jre8-openjdk-headless
Issues
+ CVE-2021-2161
+ CVE-2021-2163
Status
+ Fixed
Severity
+ Medium
Affected
+ 8.u275-1
Fixed
+ 8.u282-1
Ticket
Advisory qualified
+ No
References
Notes
AVG-1848 created at 21 Apr 2021 12:08:46
Packages
+ jdk11-openjdk
+ jre11-openjdk
+ jre11-openjdk-headless
Issues
+ CVE-2021-2161
+ CVE-2021-2163
Status
+ Vulnerable
Severity
+ Medium
Affected
+ 11.0.10.u9-1
Fixed
Ticket
Advisory qualified
+ Yes
References
Notes
CVE-2021-2163 edited at 21 Apr 2021 12:07:33
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary filesystem access
Description
+ Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data.
+
+ Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.
References
+ https://www.oracle.com/security-alerts/cpuapr2021verbose.html#JAVA
Notes