CVE-2023-22067
Description
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
Affected products
94- Range: = 8u381, 8u381-perf
- Range: = 20.3.11, 21.3.7
- osv-coords91 versionspkg:apk/chainguard/openjdk-11-openj9pkg:apk/chainguard/openjdk-11-openj9-dbgpkg:apk/chainguard/openjdk-11-openj9-default-jdkpkg:apk/chainguard/openjdk-11-openj9-default-jvmpkg:apk/chainguard/openjdk-11-openj9-default-policypkg:apk/chainguard/openjdk-11-openj9-docpkg:apk/chainguard/openjdk-11-openj9-jmodspkg:apk/chainguard/openjdk-11-openj9-jrepkg:apk/chainguard/openjdk-17-openj9pkg:apk/chainguard/openjdk-17-openj9-dbgpkg:apk/chainguard/openjdk-17-openj9-default-jdkpkg:apk/chainguard/openjdk-17-openj9-default-jvmpkg:apk/chainguard/openjdk-17-openj9-default-policypkg:apk/chainguard/openjdk-17-openj9-docpkg:apk/chainguard/openjdk-17-openj9-jmodspkg:apk/chainguard/openjdk-17-openj9-jrepkg:apk/chainguard/openjdk-21-openj9pkg:apk/chainguard/openjdk-21-openj9-dbgpkg:apk/chainguard/openjdk-21-openj9-default-jdkpkg:apk/chainguard/openjdk-21-openj9-default-jvmpkg:apk/chainguard/openjdk-21-openj9-default-policypkg:apk/chainguard/openjdk-21-openj9-docpkg:apk/chainguard/openjdk-21-openj9-jmodspkg:apk/chainguard/openjdk-21-openj9-jrepkg:apk/chainguard/openjdk-25-openj9-jmodspkg:apk/chainguard/openjdk-26-openj9-jrepkg:apk/chainguard/openjdk-8-openj9pkg:apk/chainguard/openjdk-8-openj9-dbgpkg:apk/chainguard/openjdk-8-openj9-default-jdkpkg:apk/chainguard/openjdk-8-openj9-default-jvmpkg:apk/chainguard/openjdk-8-openj9-docpkg:apk/chainguard/openjdk-8-openj9-jrepkg:bitnami/javapkg:bitnami/java-minpkg:bitnami/jrepkg:rpm/almalinux/java-1.8.0-openjdkpkg:rpm/almalinux/java-1.8.0-openjdk-accessibilitypkg:rpm/almalinux/java-1.8.0-openjdk-accessibility-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-accessibility-slowdebugpkg:rpm/almalinux/java-1.8.0-openjdk-demopkg:rpm/almalinux/java-1.8.0-openjdk-demo-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-demo-slowdebugpkg:rpm/almalinux/java-1.8.0-openjdk-develpkg:rpm/almalinux/java-1.8.0-openjdk-devel-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-devel-slowdebugpkg:rpm/almalinux/java-1.8.0-openjdk-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-headlesspkg:rpm/almalinux/java-1.8.0-openjdk-headless-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-headless-slowdebugpkg:rpm/almalinux/java-1.8.0-openjdk-javadocpkg:rpm/almalinux/java-1.8.0-openjdk-javadoc-zippkg:rpm/almalinux/java-1.8.0-openjdk-slowdebugpkg:rpm/almalinux/java-1.8.0-openjdk-srcpkg:rpm/almalinux/java-1.8.0-openjdk-src-fastdebugpkg:rpm/almalinux/java-1.8.0-openjdk-src-slowdebugpkg:rpm/opensuse/java-1_8_0-ibm&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/java-1_8_0-ibm&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP4pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/java-1_8_0-openj9&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP4pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 0.53.0-r0+ 90 more
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 1.8.0
- (no CPE)range: < 1.8.0
- (no CPE)range: < 1.8.0
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1:1.8.0.392.b08-4.el8
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0.392-150200.3.39.1
- (no CPE)range: < 1.8.0.392-150200.3.39.1
- (no CPE)range: < 1.8.0.392-1.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-1.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-30.117.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-30.117.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-150000.3.83.1
- (no CPE)range: < 1.8.0_sr8.15-30.117.1
- (no CPE)range: < 1.8.0.392-150200.3.39.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-27.93.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-27.93.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- (no CPE)range: < 1.8.0.392-150000.3.85.1
- Range: Oracle Java SE:8u381
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.