admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/35xxx/CVE-2021-35565.json
CVE Team b6eb3e68dd
"-Synchronized-Data."
2022-09-07 05:00:34 +00:00

136 lines
6.5 KiB
JSON
Raw Blame History

{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2021-35565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE JDK and JRE",
"version": {
"version_data": [
{
"version_value": "Java SE:7u311",
"version_affected": "="
},
{
"version_value": "Java SE:8u301",
"version_affected": "="
},
{
"version_value": "Java SE:11.0.12",
"version_affected": "="
},
{
"version_value": "Oracle GraalVM Enterprise Edition:20.3.3",
"version_affected": "="
},
{
"version_value": "Oracle GraalVM Enterprise Edition:21.2.0",
"version_affected": "="
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211022-0004/",
"url": "https://security.netapp.com/advisory/ntap-20211022-0004/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-35145352b0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-7701833090",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-9a51a6f8b1",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-1cc8ffd122",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-eb3e3e87d3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-107c8c5063",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5000",
"url": "https://www.debian.org/security/2021/dsa-5000"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202209-05",
"url": "https://security.gentoo.org/glsa/202209-05"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink