RHSA-2022:6999MediumCVSS 5.5

Red Hat Security Advisory: java-17-openjdk security and bug fix update

Published
October 20, 2022
Last Modified
June 29, 2026

🔗 CVE IDs covered (7)

📋 Description

CVE-2022-21618 — OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) CVE-2022-21619 — OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) CVE-2022-21624 — OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) CVE-2022-21626 — OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) CVE-2022-21628 — OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) CVE-2022-33068 — harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc CVE-2022-39399 — OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)

🔗 References (10)