FortiClient VulnerabilitySecurity Vulnerabilities fixed in OpenJDK RHSA-2018:3521
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936) (CVE-2018-3183) * OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149) * OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534) (CVE-2018-3136) * OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902) (CVE-2018-3139) * OpenJDK: Multi-Release attribute read from outside of the main manifest attributes (Utility, 8199171) (CVE-2018-3150) * OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613) (CVE-2018-3180) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Affected Applications
OpenJDK
CVE References
CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3150 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183Other References
https://access.redhat.com/errata/RHSA-2018:3521| ID | 55790 |
| Created | Jan 17, 2020 |
| Description Updated |
Dec 20, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Linux |
| Vendor | RedHat |
| Patch | auto |
| Application | OpenJDK |