- Home
- CVEs with nessus.description==Security Fix(es) :
- OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
Bug Fix(es) :
- This update applies changes from OpenJDK upstream version 8u172, which provides a number of bug fixes over the previous version, 8u171.
- OpenJDK was recently updated to support reading the system certificate authority database (cacerts) directly. As an unintended consequence, this removed the ability to read certificates from the user-provided jssecacerts file. With this update, that ability is restored by reading from that file first, if available.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top