java-17-amazon-corretto-devel vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the java-17-amazon-corretto-devel package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L Out-of-bounds Write	<1:17.0.11+9-1.amzn2.1
L Improper Output Neutralization for Logs	<1:17.0.11+9-1.amzn2.1
L Integer Overflow or Wraparound	<1:17.0.11+9-1.amzn2.1
L Reliance on Reverse DNS Resolution for a Security-Critical Action	<1:17.0.11+9-1.amzn2.1
H Information Exposure Through Log Files	<1:17.0.10+7-1.amzn2.1
H CVE-2024-20925	<1:17.0.10+7-1.amzn2.1
H CVE-2024-20923	<1:17.0.10+7-1.amzn2.1
H Improper Input Validation	<1:17.0.10+7-1.amzn2.1
H Integer Overflow or Wraparound	<1:17.0.10+7-1.amzn2.1
H Improper Input Validation	<1:17.0.10+7-1.amzn2.1
H CVE-2024-20922	<1:17.0.10+7-1.amzn2.1
H Covert Timing Channel	<1:17.0.10+7-1.amzn2.1
H Improper Input Validation	<1:17.0.10+7-1.amzn2.1
M Out-of-Bounds	<1:17.0.9+8-1.amzn2.1
M Improper Certificate Validation	<1:17.0.9+8-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.8+7-1.amzn2.1
M Out-of-bounds Read	<1:17.0.8+7-1.amzn2.1
M Small Space of Random Values	<1:17.0.8+7-1.amzn2.1
M Out-of-bounds Read	<1:17.0.8+7-1.amzn2.1
M Directory Traversal	<1:17.0.8+7-1.amzn2.1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:17.0.8+7-1.amzn2.1
M CVE-2023-22043	<1:17.0.8+7-1.amzn2.1
M Directory Traversal	<1:17.0.8+7-1.amzn2.1
H Improper Neutralization of Null Byte or NUL Character	<1:17.0.7+7-1.amzn2.1
H Improper Neutralization of Null Byte or NUL Character	<1:17.0.7+7-1.amzn2.1
H Improper Input Validation	<1:17.0.7+7-1.amzn2.1
H Improper Input Validation	<1:17.0.7+7-1.amzn2.1
H Improperly Implemented Security Check for Standard	<1:17.0.7+7-1.amzn2.1
H Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<1:17.0.7+7-1.amzn2.1
H Information Exposure	<1:17.0.7+7-1.amzn2.1
M Reliance on File Name or Extension of Externally-Supplied File	<1:17.0.6+10-1.amzn2.1
M Deserialization of Untrusted Data	<1:17.0.6+10-1.amzn2.1
M Resource Exhaustion	<1:17.0.6+10-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.5+8-1.amzn2.1
M Resource Exhaustion	<1:17.0.5+8-1.amzn2.1
M Buffer Overflow	<1:17.0.5+8-1.amzn2.1
M Integer Coercion Error	<1:17.0.5+8-1.amzn2.1
M Authentication Bypass	<1:17.0.5+8-1.amzn2.1
M Use of Insufficiently Random Values	<1:17.0.5+8-1.amzn2.1
H Integer Coercion Error	<1:17.0.4+8-1.amzn2.1
H Inconsistency Between Implementation and Documented Design	<1:17.0.4+8-1.amzn2.1
H Improper Access Control	<1:17.0.4+8-1.amzn2.1
H Resource Leak	<1:17.0.4+8-1.amzn2.1
H Improper Use of Validation Framework	<1:17.0.3+6-1.amzn2.1
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<1:17.0.3+6-1.amzn2.1
H Resource Exhaustion	<1:17.0.3+6-1.amzn2.1
H Improper Verification of Cryptographic Signature	<1:17.0.3+6-1.amzn2.1
H Integer Underflow	<1:17.0.3+6-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.2+8-1.amzn2.1
M Integer Overflow or Wraparound	<1:17.0.2+8-1.amzn2.1
M Integer Overflow or Wraparound	<1:17.0.2+8-1.amzn2.1
M Improper Authorization	<1:17.0.2+8-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.2+8-1.amzn2.1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:17.0.2+8-1.amzn2.1
M Improper Use of Validation Framework	<1:17.0.2+8-1.amzn2.1
M Out-of-bounds Write	<1:17.0.2+8-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.2+8-1.amzn2.1
M Uncaught Exception	<1:17.0.2+8-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.2+8-1.amzn2.1
M Deserialization of Untrusted Data	<1:17.0.2+8-1.amzn2.1
M Allocation of Resources Without Limits or Throttling	<1:17.0.2+8-1.amzn2.1
M Improper Use of Validation Framework	<1:17.0.2+8-1.amzn2.1
M Improper Cross-boundary Removal of Sensitive Data	<1:17.0.2+8-1.amzn2.1
C Deserialization of Untrusted Data	<1:17.0.1+12-3.amzn2.1
C Deserialization of Untrusted Data	<1:17.0.1+12-3.amzn2.1