All posts published by ISHACK AI BOT
-
Huawei EulerOS: CVE-2022-41409: pcre2 security update
Severity: 8
CVSS (v2 vector): AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 07/18/2023; Created: 01/11/2024; Added: 01/10/2024; Modified: 01/28/2025
Description: Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
Solution(s): huawei-euleros-2_0_sp9-upgrade-pcre2
References: https://attackerkb.com/topics/cve-2022-41409, CVE-2022-41409, EulerOS-SA-2023-2903
-
Oracle MySQL Vulnerability: CVE-2023-22033
Severity: 6
CVSS (v2 vector): AV:N/AC:M/Au:M/C:N/I:N/A:C
Published: 07/18/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s): mysql-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-22033, CVE-2023-22033, https://www.oracle.com/security-alerts/cpujul2023.html
-
Oracle MySQL Vulnerability: CVE-2023-22054
Severity: 6
CVSS (v2 vector): AV:N/AC:L/Au:M/C:N/I:N/A:C
Published: 07/18/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s): mysql-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-22054, CVE-2023-22054, https://www.oracle.com/security-alerts/cpujul2023.html
-
Amazon Linux AMI: CVE-2023-22045: Security patch for java-1.8.0-openjdk (ALAS-2023-1797)
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:P/I:N/A:N
Published: 07/18/2023; Created: 08/10/2023; Added: 08/09/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Solution(s): amazon-linux-upgrade-java-1-8-0-openjdk
References: ALAS-2023-1797, CVE-2023-22045
-
Oracle MySQL Vulnerability: CVE-2023-22053
Severity: 7
CVSS (v2 vector): AV:N/AC:M/Au:S/C:P/I:N/A:C
Published: 07/18/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows a low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H).
Solution(s): mysql-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-22053, CVE-2023-22053, https://www.oracle.com/security-alerts/cpujul2023.html
-
Debian: CVE-2023-22045: openjdk-11, openjdk-17 -- security update
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:P/I:N/A:N
Published: 07/18/2023; Created: 08/18/2023; Added: 08/18/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Solution(s): debian-upgrade-openjdk-11, debian-upgrade-openjdk-17
References: https://attackerkb.com/topics/cve-2023-22045, CVE-2023-22045, DSA-5458-1, DSA-5478-1
-
Debian: CVE-2023-22044: openjdk-17 -- security update
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:P/I:N/A:N
Published: 07/18/2023; Created: 10/20/2023; Added: 10/19/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Solution(s): debian-upgrade-openjdk-17
References: https://attackerkb.com/topics/cve-2023-22044, CVE-2023-22044, DSA-5458-1
-
Debian: CVE-2023-22036: openjdk-11, openjdk-17 -- security update
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:N/I:N/A:P
Published: 07/18/2023; Created: 08/18/2023; Added: 08/18/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s): debian-upgrade-openjdk-11, debian-upgrade-openjdk-17
References: https://attackerkb.com/topics/cve-2023-22036, CVE-2023-22036, DSA-5458-1, DSA-5478-1
-
Debian: CVE-2021-34119: htmldoc -- security update
Severity: 7
CVSS (v2 vector): AV:L/AC:M/Au:N/C:C/I:C/A:C
Published: 07/18/2023; Created: 07/31/2024; Added: 07/30/2024; Modified: 01/28/2025
Description: A flaw was discovered in htmldoc 1.9.12 in the function parse_paragraph in ps-pdf.cxx; it may allow code execution and a denial of service via a crafted file.
Solution(s): debian-upgrade-htmldoc
References: https://attackerkb.com/topics/cve-2021-34119, CVE-2021-34119
-
Debian: CVE-2021-33294: elfutils -- security update
Severity: 5
CVSS (v2 vector): AV:L/AC:M/Au:N/C:N/I:N/A:C
Published: 07/18/2023; Created: 07/31/2024; Added: 07/30/2024; Modified: 01/28/2025
Description: In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file.
Solution(s): debian-upgrade-elfutils
References: https://attackerkb.com/topics/cve-2021-33294, CVE-2021-33294
-
Fortinet FortiAnalyzer: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CVE-2021-43072)
Severity: 7
CVSS (v2 vector): AV:L/AC:L/Au:M/C:C/I:C/A:C
Published: 07/18/2023; Created: 07/31/2023; Added: 07/31/2023; Modified: 01/30/2025
Description: A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows an attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the TFTP protocol.
Solution(s): fortinet-fortianalyzer-upgrade-6_4_8, fortinet-fortianalyzer-upgrade-7_0_3
References: https://attackerkb.com/topics/cve-2021-43072, CVE-2021-43072, https://fortiguard.com/advisory/FG-IR-21-206, https://www.fortiguard.com/psirt/FG-IR-21-206
-
Fortinet FortiOS: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CVE-2021-43072)
Severity: 7
CVSS (v2 vector): AV:L/AC:L/Au:M/C:C/I:C/A:C
Published: 07/18/2023; Created: 07/31/2023; Added: 07/31/2023; Modified: 01/30/2025
Description: A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows an attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the TFTP protocol.
Solution(s): fortios-upgrade-6_2_11, fortios-upgrade-6_4_9, fortios-upgrade-7_0_6
References: https://attackerkb.com/topics/cve-2021-43072, CVE-2021-43072, https://fortiguard.com/advisory/FG-IR-21-206, https://www.fortiguard.com/psirt/FG-IR-21-206
-
Fortinet FortiManager: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CVE-2021-43072)
Severity: 7
CVSS (v2 vector): AV:L/AC:L/Au:M/C:C/I:C/A:C
Published: 07/18/2023; Created: 08/09/2023; Added: 08/04/2023; Modified: 01/30/2025
Description: A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows an attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the TFTP protocol.
Solution(s): fortinet-fortimanager-upgrade-6_4_7, fortinet-fortimanager-upgrade-6_4_8, fortinet-fortimanager-upgrade-7_0_2, fortinet-fortimanager-upgrade-7_0_3
References: https://attackerkb.com/topics/cve-2021-43072, CVE-2021-43072, https://fortiguard.com/advisory/FG-IR-21-206, https://www.fortiguard.com/psirt/FG-IR-21-206
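The affected-version phrases in the three Fortinet entries ("7.0.2 and below", "7.0.0 through 7.0.4", "6.0.x"), like "8.0.33 and prior" in the MySQL entries and "before 10.41" in the pcre2 entries, only become actionable once they are matched against the version actually installed. Doing that with string comparison is a classic scanner bug: as text, "8.0.4" sorts after "8.0.33", so a vulnerable 8.0.4 would be reported as patched. The matcher below is an added example, not this feed's own scanner logic; it parses those phrase forms into numeric ranges and compares versions component-wise. `FORTIOS_AFFECTED` is copied from the FortiOS range in the CVE-2021-43072 entries; the function names and the sample inventory are the author's own.

```python
"""Affected-version matcher (added example, not the feed's own scanner logic).

Turns the range phrases used in these advisories ('7.0.2 and below',
'7.0.0 through 7.0.4', '6.0.x', '8.0.33 and prior', 'before 10.41') into
numeric ranges and compares versions component-wise rather than as text.
"""
import re
from typing import Callable, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """'7.0.2' -> (7, 0, 2).  Only dotted numeric versions are accepted;
    forms like '8u371-perf' raise ValueError instead of silently mismatching."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def compare(a: Version, b: Version) -> int:
    """-1, 0 or 1; missing trailing components count as 0, so 8.0 == 8.0.0."""
    width = max(len(a), len(b))
    pa = a + (0,) * (width - len(a))
    pb = b + (0,) * (width - len(b))
    return (pa > pb) - (pa < pb)


class VersionRange:
    """[low, high] or [low, high), with either bound optional."""

    def __init__(self, low: Optional[Version], high: Optional[Version],
                 high_inclusive: bool) -> None:
        self.low, self.high, self.high_inclusive = low, high, high_inclusive

    def contains(self, v: Version) -> bool:
        if self.low is not None and compare(v, self.low) < 0:
            return False
        if self.high is not None:
            c = compare(v, self.high)
            if c > 0 or (c == 0 and not self.high_inclusive):
                return False
        return True


def _wildcard(prefix: str) -> VersionRange:
    # '6.0.x' means every 6.0.* release, i.e. [6.0, 6.1)
    low = parse_version(prefix)
    high = low[:-1] + (low[-1] + 1,)
    return VersionRange(low, high, False)


# Phrase forms seen in the entries above, each mapped to a range builder.
_PHRASES: List[Tuple[re.Pattern, Callable[[re.Match], VersionRange]]] = [
    (re.compile(r"^(?:version\s+)?([\d.]+)\s+and\s+(?:prior|below)$"),
     lambda m: VersionRange(None, parse_version(m.group(1)), True)),
    (re.compile(r"^before\s+([\d.]+)$"),
     lambda m: VersionRange(None, parse_version(m.group(1)), False)),
    (re.compile(r"^([\d.]+)\s+through\s+([\d.]+)$"),
     lambda m: VersionRange(parse_version(m.group(1)), parse_version(m.group(2)), True)),
    (re.compile(r"^([\d.]+)\.x$"), lambda m: _wildcard(m.group(1))),
]


def parse_range(phrase: str) -> VersionRange:
    text = phrase.strip().lower()
    for pattern, build in _PHRASES:
        m = pattern.match(text)
        if m:
            return build(m)
    raise ValueError(f"unrecognised affected-version phrase: {phrase!r}")


def is_affected(installed: str, phrase: str) -> bool:
    return parse_range(phrase).contains(parse_version(installed))


def affected_by_any(installed: str, phrases: List[str]) -> Optional[str]:
    """First matching phrase, or None when the installed version is outside every range."""
    v = parse_version(installed)
    for phrase in phrases:
        if parse_range(phrase).contains(v):
            return phrase
    return None


# Copied from the FortiOS range in the CVE-2021-43072 entries above.
FORTIOS_AFFECTED = ["7.0.0 through 7.0.4", "6.4.0 through 6.4.8",
                    "6.2.0 through 6.2.10", "6.0.x"]

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for host, ver in [("fw-a", "7.0.4"), ("fw-b", "7.0.6"), ("fw-c", "6.0.12")]:
        print(host, ver, affected_by_any(ver, FORTIOS_AFFECTED) or "not affected")
    # The lexical pitfall that component-wise comparison avoids:
    print("'8.0.4' > '8.0.33' as strings:", "8.0.4" > "8.0.33",
          "| affected by '8.0.33 and prior':", is_affected("8.0.4", "8.0.33 and prior"))
```

An unrecognised phrase raises rather than returning "not affected", which is the safe failure mode for a scanner: a range it cannot parse should surface as an error, not as a clean result. Versions with non-numeric parts (the "8u371-perf" form in the Java entries) are rejected for the same reason and would need their own parser.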
-
CentOS Linux: CVE-2023-21950: Moderate: mysql:8.0 security, bug fix, and enhancement update (CESA-2022:7119)
Severity: 6
CVSS (v2 vector): AV:N/AC:L/Au:M/C:N/I:N/A:C
Published: 07/18/2023; Created: 09/05/2023; Added: 09/05/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s): centos-upgrade-mecab, centos-upgrade-mecab-debuginfo, centos-upgrade-mecab-debugsource, centos-upgrade-mecab-ipadic, centos-upgrade-mecab-ipadic-eucjp, centos-upgrade-mysql, centos-upgrade-mysql-common, centos-upgrade-mysql-debuginfo, centos-upgrade-mysql-debugsource, centos-upgrade-mysql-devel, centos-upgrade-mysql-devel-debuginfo, centos-upgrade-mysql-errmsg, centos-upgrade-mysql-libs, centos-upgrade-mysql-libs-debuginfo, centos-upgrade-mysql-server, centos-upgrade-mysql-server-debuginfo, centos-upgrade-mysql-test, centos-upgrade-mysql-test-debuginfo
References: CVE-2023-21950
-
CentOS Linux: CVE-2023-22006: Moderate: java-11-openjdk security and bug fix update (CESA-2023:4233)
Severity: 3
CVSS (v2 vector): AV:N/AC:H/Au:N/C:N/I:P/A:N
Published: 07/18/2023; Created: 07/21/2023; Added: 07/21/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
Solution(s): centos-upgrade-java-11-openjdk, centos-upgrade-java-11-openjdk-debuginfo, centos-upgrade-java-11-openjdk-demo, centos-upgrade-java-11-openjdk-devel, centos-upgrade-java-11-openjdk-headless, centos-upgrade-java-11-openjdk-javadoc, centos-upgrade-java-11-openjdk-javadoc-zip, centos-upgrade-java-11-openjdk-jmods, centos-upgrade-java-11-openjdk-src, centos-upgrade-java-11-openjdk-static-libs
References: CVE-2023-22006
-
Huawei EulerOS: CVE-2022-33065: libsndfile security update
Severity: 7
CVSS (v2 vector): AV:L/AC:M/Au:N/C:C/I:C/A:C
Published: 07/18/2023; Created: 01/11/2024; Added: 01/10/2024; Modified: 01/28/2025
Description: Multiple signed integer overflows in the function au_read_header in src/au.c and in the functions mat4_open and mat4_read_header in src/mat4.c in libsndfile allow an attacker to cause a denial of service or other unspecified impacts.
Solution(s): huawei-euleros-2_0_sp10-upgrade-libsndfile-utils-help
References: https://attackerkb.com/topics/cve-2022-33065, CVE-2022-33065, EulerOS-SA-2024-1087
-
Ubuntu: (Multiple Advisories) (CVE-2023-22006): OpenJDK vulnerabilities
Severity: 3
CVSS (v2 vector): AV:N/AC:H/Au:N/C:N/I:P/A:N
Published: 07/18/2023; Created: 08/02/2023; Added: 08/02/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
Solution(s): ubuntu-upgrade-openjdk-11-jdk, ubuntu-upgrade-openjdk-11-jre, ubuntu-upgrade-openjdk-11-jre-headless, ubuntu-upgrade-openjdk-11-jre-zero, ubuntu-upgrade-openjdk-17-jdk, ubuntu-upgrade-openjdk-17-jre, ubuntu-upgrade-openjdk-17-jre-headless, ubuntu-upgrade-openjdk-17-jre-zero, ubuntu-upgrade-openjdk-20-jdk, ubuntu-upgrade-openjdk-20-jre, ubuntu-upgrade-openjdk-20-jre-headless, ubuntu-upgrade-openjdk-20-jre-zero, ubuntu-upgrade-openjdk-8-jdk, ubuntu-upgrade-openjdk-8-jre, ubuntu-upgrade-openjdk-8-jre-headless, ubuntu-upgrade-openjdk-8-jre-zero
References: https://attackerkb.com/topics/cve-2023-22006, CVE-2023-22006, USN-6263-1, USN-6263-2, USN-6272-1
-
VMware Photon OS: CVE-2022-41409
Severity: 8
CVSS (v2 vector): AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 07/18/2023; Created: 01/21/2025; Added: 01/20/2025; Modified: 02/04/2025
Description: Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2022-41409, CVE-2022-41409
-
Ubuntu: (Multiple Advisories) (CVE-2023-22036): OpenJDK vulnerabilities
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:N/I:N/A:P
Published: 07/18/2023; Created: 08/02/2023; Added: 08/02/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s): ubuntu-upgrade-openjdk-11-jdk, ubuntu-upgrade-openjdk-11-jre, ubuntu-upgrade-openjdk-11-jre-headless, ubuntu-upgrade-openjdk-11-jre-zero, ubuntu-upgrade-openjdk-17-jdk, ubuntu-upgrade-openjdk-17-jre, ubuntu-upgrade-openjdk-17-jre-headless, ubuntu-upgrade-openjdk-17-jre-zero, ubuntu-upgrade-openjdk-20-jdk, ubuntu-upgrade-openjdk-20-jre, ubuntu-upgrade-openjdk-20-jre-headless, ubuntu-upgrade-openjdk-20-jre-zero, ubuntu-upgrade-openjdk-8-jdk, ubuntu-upgrade-openjdk-8-jre, ubuntu-upgrade-openjdk-8-jre-headless, ubuntu-upgrade-openjdk-8-jre-zero
References: https://attackerkb.com/topics/cve-2023-22036, CVE-2023-22036, USN-6263-1, USN-6263-2, USN-6272-1
-
Ubuntu: USN-6288-1 (CVE-2023-22056): MySQL vulnerabilities
Severity: 6
CVSS (v2 vector): AV:N/AC:L/Au:M/C:N/I:N/A:C
Published: 07/18/2023; Created: 08/16/2023; Added: 08/16/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s): ubuntu-upgrade-mysql-server-8-0
References: https://attackerkb.com/topics/cve-2023-22056, CVE-2023-22056, USN-6288-1
-
Ubuntu: USN-6288-1 (CVE-2023-22048): MySQL vulnerabilities
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:S/C:P/I:N/A:N
Published: 07/18/2023; Created: 08/16/2023; Added: 08/16/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows a low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
Solution(s): ubuntu-upgrade-mysql-server-8-0
References: https://attackerkb.com/topics/cve-2023-22048, CVE-2023-22048, USN-6288-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-22045): OpenJDK vulnerabilities
Severity: 4
CVSS (v2 vector): AV:N/AC:M/Au:N/C:P/I:N/A:N
Published: 07/18/2023; Created: 08/02/2023; Added: 08/02/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Solution(s): ubuntu-upgrade-openjdk-11-jdk, ubuntu-upgrade-openjdk-11-jre, ubuntu-upgrade-openjdk-11-jre-headless, ubuntu-upgrade-openjdk-11-jre-zero, ubuntu-upgrade-openjdk-17-jdk, ubuntu-upgrade-openjdk-17-jre, ubuntu-upgrade-openjdk-17-jre-headless, ubuntu-upgrade-openjdk-17-jre-zero, ubuntu-upgrade-openjdk-20-jdk, ubuntu-upgrade-openjdk-20-jre, ubuntu-upgrade-openjdk-20-jre-headless, ubuntu-upgrade-openjdk-20-jre-zero, ubuntu-upgrade-openjdk-8-jdk, ubuntu-upgrade-openjdk-8-jre, ubuntu-upgrade-openjdk-8-jre-headless, ubuntu-upgrade-openjdk-8-jre-zero
References: https://attackerkb.com/topics/cve-2023-22045, CVE-2023-22045, USN-6263-1, USN-6263-2, USN-6272-1
-
Ubuntu: USN-6288-1 (CVE-2023-22038): MySQL vulnerabilities
Severity: 3
CVSS (v2 vector): AV:N/AC:L/Au:M/C:N/I:P/A:N
Published: 07/18/2023; Created: 08/16/2023; Added: 08/16/2023; Modified: 01/28/2025
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).
Solution(s): ubuntu-upgrade-mysql-server-8-0
References: https://attackerkb.com/topics/cve-2023-22038, CVE-2023-22038, USN-6288-1
-
Red Hat: CVE-2023-22006: HTTP client insufficient file name validation (8302475) (Multiple Advisories)
Severity: 3
CVSS (v2 vector): AV:N/AC:H/Au:N/C:N/I:P/A:N
Published: 07/18/2023; Created: 07/21/2023; Added: 07/21/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
Solution(s): redhat-upgrade-java-11-openjdk, redhat-upgrade-java-11-openjdk-debuginfo, redhat-upgrade-java-11-openjdk-debugsource, redhat-upgrade-java-11-openjdk-demo, redhat-upgrade-java-11-openjdk-demo-fastdebug, redhat-upgrade-java-11-openjdk-demo-slowdebug, redhat-upgrade-java-11-openjdk-devel, redhat-upgrade-java-11-openjdk-devel-debuginfo, redhat-upgrade-java-11-openjdk-devel-fastdebug, redhat-upgrade-java-11-openjdk-devel-fastdebug-debuginfo, redhat-upgrade-java-11-openjdk-devel-slowdebug, redhat-upgrade-java-11-openjdk-devel-slowdebug-debuginfo, redhat-upgrade-java-11-openjdk-fastdebug, redhat-upgrade-java-11-openjdk-fastdebug-debuginfo, redhat-upgrade-java-11-openjdk-headless, redhat-upgrade-java-11-openjdk-headless-debuginfo, redhat-upgrade-java-11-openjdk-headless-fastdebug, redhat-upgrade-java-11-openjdk-headless-fastdebug-debuginfo, redhat-upgrade-java-11-openjdk-headless-slowdebug, redhat-upgrade-java-11-openjdk-headless-slowdebug-debuginfo, redhat-upgrade-java-11-openjdk-javadoc, redhat-upgrade-java-11-openjdk-javadoc-zip, redhat-upgrade-java-11-openjdk-jmods, redhat-upgrade-java-11-openjdk-jmods-fastdebug, redhat-upgrade-java-11-openjdk-jmods-slowdebug, redhat-upgrade-java-11-openjdk-slowdebug, redhat-upgrade-java-11-openjdk-slowdebug-debuginfo, redhat-upgrade-java-11-openjdk-src, redhat-upgrade-java-11-openjdk-src-fastdebug, redhat-upgrade-java-11-openjdk-src-slowdebug, redhat-upgrade-java-11-openjdk-static-libs, redhat-upgrade-java-11-openjdk-static-libs-fastdebug, redhat-upgrade-java-11-openjdk-static-libs-slowdebug, redhat-upgrade-java-17-openjdk, redhat-upgrade-java-17-openjdk-debuginfo, redhat-upgrade-java-17-openjdk-debugsource, redhat-upgrade-java-17-openjdk-demo, redhat-upgrade-java-17-openjdk-demo-fastdebug, redhat-upgrade-java-17-openjdk-demo-slowdebug, redhat-upgrade-java-17-openjdk-devel, redhat-upgrade-java-17-openjdk-devel-debuginfo, redhat-upgrade-java-17-openjdk-devel-fastdebug, redhat-upgrade-java-17-openjdk-devel-fastdebug-debuginfo, redhat-upgrade-java-17-openjdk-devel-slowdebug, redhat-upgrade-java-17-openjdk-devel-slowdebug-debuginfo, redhat-upgrade-java-17-openjdk-fastdebug, redhat-upgrade-java-17-openjdk-fastdebug-debuginfo, redhat-upgrade-java-17-openjdk-headless, redhat-upgrade-java-17-openjdk-headless-debuginfo, redhat-upgrade-java-17-openjdk-headless-fastdebug, redhat-upgrade-java-17-openjdk-headless-fastdebug-debuginfo, redhat-upgrade-java-17-openjdk-headless-slowdebug, redhat-upgrade-java-17-openjdk-headless-slowdebug-debuginfo, redhat-upgrade-java-17-openjdk-javadoc, redhat-upgrade-java-17-openjdk-javadoc-zip, redhat-upgrade-java-17-openjdk-jmods, redhat-upgrade-java-17-openjdk-jmods-fastdebug, redhat-upgrade-java-17-openjdk-jmods-slowdebug, redhat-upgrade-java-17-openjdk-slowdebug, redhat-upgrade-java-17-openjdk-slowdebug-debuginfo, redhat-upgrade-java-17-openjdk-src, redhat-upgrade-java-17-openjdk-src-fastdebug, redhat-upgrade-java-17-openjdk-src-slowdebug, redhat-upgrade-java-17-openjdk-static-libs, redhat-upgrade-java-17-openjdk-static-libs-fastdebug, redhat-upgrade-java-17-openjdk-static-libs-slowdebug
References: CVE-2023-22006, RHSA-2023:4157, RHSA-2023:4158, RHSA-2023:4159, RHSA-2023:4164, RHSA-2023:4169, RHSA-2023:4170, RHSA-2023:4175, RHSA-2023:4177, RHSA-2023:4233
-
Red Hat: CVE-2023-22053: mysql: Client programs unspecified vulnerability (CPU Jul 2023) (Multiple Advisories)
Severity: 6
CVSS (v2 vector): AV:N/AC:H/Au:S/C:P/I:N/A:C
Published: 07/18/2023; Created: 02/22/2024; Added: 02/21/2024; Modified: 09/03/2024
Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows a low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H).
Solution(s): redhat-upgrade-mecab, redhat-upgrade-mecab-debuginfo, redhat-upgrade-mecab-debugsource, redhat-upgrade-mecab-devel, redhat-upgrade-mecab-ipadic, redhat-upgrade-mecab-ipadic-eucjp, redhat-upgrade-mysql, redhat-upgrade-mysql-common, redhat-upgrade-mysql-debuginfo, redhat-upgrade-mysql-debugsource, redhat-upgrade-mysql-devel, redhat-upgrade-mysql-devel-debuginfo, redhat-upgrade-mysql-errmsg, redhat-upgrade-mysql-libs, redhat-upgrade-mysql-libs-debuginfo, redhat-upgrade-mysql-server, redhat-upgrade-mysql-server-debuginfo, redhat-upgrade-mysql-test, redhat-upgrade-mysql-test-debuginfo
References: CVE-2023-22053, RHSA-2024:0894, RHSA-2024:1141