Read Time:56 Second

Ben Smyth discovered that OpenJDK incorrectly handled half-duplex
connections during TLS handshake. A remote attacker could possibly use
this issue to insert, edit or obtain sensitive information.
(CVE-2023-21930)

It was discovered that OpenJDK incorrectly handled certain inputs. An
attacker could possibly use this issue to insert, edit or obtain sensitive
information. (CVE-2023-21937)

It was discovered that OpenJDK incorrectly handled command arguments. An
attacker could possibly use this issue to insert, edit or obtain sensitive
information. (CVE-2023-21938)

It was discovered that OpenJDK incorrectly validated HTML documents. An
attacker could possibly use this issue to insert, edit or obtain sensitive
information. (CVE-2023-21939)

Ramki Ramakrishna discovered that OpenJDK incorrectly handled garbage
collection. An attacker could possibly use this issue to bypass Java
sandbox restrictions. (CVE-2023-21954)

Jonathan Looney discovered that OpenJDK incorrectly handled certificate
chains during TLS session negotiation. A remote attacker could possibly
use this issue to cause a denial of service. (CVE-2023-21967)

Adam Reziouk discovered that OpenJDK incorrectly sanitized URIs. An
attacker could possibly use this issue to bypass Java sandbox
restrictions. (CVE-2023-21968)

Read More

More Stories

freeipa-4.12.2-3.fc40

FEDORA-2025-6baf694c75 Packages in this update: freeipa-4.12.2-3.fc40 Update description: CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Read More

freeipa-4.12.2-7.fc41

FEDORA-2025-b21777d1b5 Packages in this update: freeipa-4.12.2-7.fc41 Update description: CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Read More