RHSA-2017:3046HighCVSS 9.8

Red Hat Security Advisory: java-1.7.0-oracle security update

Published
October 24, 2017
Last Modified
June 29, 2026

🔗 CVE IDs covered (20)

📋 Description

CVE-2016-9840 — zlib: Out-of-bound pointer arithmetic in inftrees.c CVE-2016-9841 — zlib: Out-of-bounds pointer arithmetic in inffast.c CVE-2016-9842 — zlib: Undefined left shift of negative number CVE-2016-9843 — zlib: Big-endian out-of-bounds pointer CVE-2016-10165 — lcms2: Out-of-bounds read in Type_MLU_Read() CVE-2017-10274 — OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026) CVE-2017-10281 — OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109) CVE-2017-10285 — OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966) CVE-2017-10293 — JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc) CVE-2017-10295 — OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751) CVE-2017-10345 — OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370) CVE-2017-10346 — OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711) CVE-2017-10347 — OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323) CVE-2017-10348 — OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432) CVE-2017-10349 — OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327) CVE-2017-10350 — OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100) CVE-2017-10355 — OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612) CVE-2017-10356 — OpenJDK: weak protection of key stores against brute forcing (Security, 8181692) CVE-2017-10357 — OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597) CVE-2017-10388 — OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)

🔗 References (26)