Out-of-bounds Write Affecting java-11-openjdk-javadoc-zip package, versions <1:11.0.25.0.9-2.el8
Threat Intelligence
EPSS: 0.04% (6th percentile)
- Snyk ID SNYK-ALMALINUX8-JAVA11OPENJDKJAVADOCZIP-8232715
- published 18 Oct 2024
- disclosed 16 Oct 2024
Introduced: 16 Oct 2024
CVE-2023-48161
How to fix?
Upgrade AlmaLinux:8 java-11-openjdk-javadoc-zip to version 1:11.0.25.0.9-2.el8 or higher.
This issue was patched in ALSA-2024:8121.
NVD Description
Note: Versions mentioned in the description apply only to the upstream java-11-openjdk-javadoc-zip package and not the java-11-openjdk-javadoc-zip package as distributed by AlmaLinux.
See How to fix? for AlmaLinux:8 relevant fixed versions and status.
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c.
References
- https://errata.almalinux.org/8/ALSA-2024-8117.html
- https://errata.almalinux.org/9/ALSA-2024-8117.html
- https://errata.almalinux.org/8/ALSA-2024-8121.html
- https://errata.almalinux.org/9/ALSA-2024-8121.html
- https://errata.almalinux.org/8/ALSA-2024-8124.html
- https://errata.almalinux.org/9/ALSA-2024-8124.html
- https://errata.almalinux.org/8/ALSA-2024-8127.html
- https://errata.almalinux.org/9/ALSA-2024-8127.html
- https://access.redhat.com/security/cve/CVE-2023-48161
- https://access.redhat.com/errata/RHSA-2024:8117
- https://access.redhat.com/errata/RHSA-2024:8121
- https://access.redhat.com/errata/RHSA-2024:8124
- https://access.redhat.com/errata/RHSA-2024:8127
- https://github.com/tacetool/TACE#cve-2023-48161
- https://sourceforge.net/p/giflib/bugs/167/
CVSS Scores
version 3.1