Improper Input Validation Affecting openjdk-8 package, versions <8u45-b14-1
Threat Intelligence
EPSS
0.92% (84th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIANUNSTABLE-OPENJDK8-383863
- published 9 Nov 2015
- disclosed 9 Nov 2015
How to fix?
Upgrade Debian:unstable
openjdk-8
to version 8u45-b14-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream openjdk-8
package and not the openjdk-8
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file.
CVSS Scores
version 3.1