org.graalvm.sdk:graal-sdk@20.3.16 vulnerabilities

  • latest version

    24.1.1

  • latest non vulnerable version

  • first published

    6 years ago

  • latest version published

    a month ago

  • licenses detected

  • package manager

Direct Vulnerabilities

Known vulnerabilities in the org.graalvm.sdk:graal-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • L
Improper Access Control

org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages.

Affected versions of this package are vulnerable to Improper Access Control in the hotspot/compiler component. An attacker can compromise data integrity.

How to fix Improper Access Control?

Upgrade org.graalvm.sdk:graal-sdk to version 21.3.10, 22.0.1 or higher.

[,21.3.10) [22.0.0,22.0.1)
  • L
Denial of Service (DoS)

org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages.

Affected versions of this package are vulnerable to Denial of Service (DoS) in the hotspot/runtime component.

How to fix Denial of Service (DoS)?

Upgrade org.graalvm.sdk:graal-sdk to version 21.3.10, 22.0.1 or higher.

[,21.3.10) [22.0.0,22.0.1)
  • H
Improper Privilege Management

org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages.

Affected versions of this package are vulnerable to Improper Privilege Management in the security-libs/java.security component.

Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).

How to fix Improper Privilege Management?

Upgrade org.graalvm.sdk:graal-sdk to version 21.3.9, 22.3.5 or higher.

[,21.3.9) [22.0.0,22.3.5)
  • M
Denial of Service (DoS)

org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages.

Affected versions of this package are vulnerable to Denial of Service (DoS) in security-libs/javax.net.ssl, when running untrusted code.

How to fix Denial of Service (DoS)?

Upgrade org.graalvm.sdk:graal-sdk to version 21.1.0 or higher.

[17.0.0,21.1.0)