Waitman Gobble XMPP wago@ee.smq.io irc://irc.y0m4m4.com/waitman,isnick

CVE-2021-35556 Details

Return To CVE Listing for 2021

NameCVE-2021-35556
StatusCandidate
DescriptionVulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ReferencesCONFIRM: https://security.netapp.com/advisory/ntap-20211022-0004/
DEBIAN:DSA-5000
URL: https://www.debian.org/security/2021/dsa-5000
DEBIAN:DSA-5012
URL: https://www.debian.org/security/2021/dsa-5012
FEDORA:FEDORA-2021-107c8c5063
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/
FEDORA:FEDORA-2021-1cc8ffd122
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/
FEDORA:FEDORA-2021-35145352b0
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/
FEDORA:FEDORA-2021-7701833090
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/
FEDORA:FEDORA-2021-9a51a6f8b1
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/
FEDORA:FEDORA-2021-eb3e3e87d3
URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/
MISC: https://www.oracle.com/security-alerts/cpuoct2021.html
URL: https://www.oracle.com/security-alerts/cpuoct2021.html
MLIST:[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update
URL: https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html
PhaseAssigned (20210628)
VotesNone (candidate not yet proposed)
Comments


Copyright © 1999–2021, The MITRE Corporation

LICENSE

Submissions: For all materials you submit to the Common Vulnerabilities and Exposures (CVE®), you hereby grant to The MITRE Corporation (MITRE) and all CVE Numbering Authorities (CNAs) a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute such materials and derivative works. Unless required by applicable law or agreed to in writing, you provide such materials on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.

CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.

DISCLAIMERS

ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN PROVIDED BY MITRE ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Return To CVE Listing for 2021