漏洞信息详情
Oracle Java SE 安全漏洞
- CNNVD编号:CNNVD-202010-973 <!--
- 危害等级: 低危-->
- 危害等级: 低危
- CVE编号: CVE-2020-14797
- 漏洞类型: 其他
- 发布时间: 2020-10-20
- 威胁类型: 远程
- 更新时间: 2021-11-25
- 厂 商:
- 漏洞来源: Gentoo
-
漏洞简介
Oracle Java SE是美国甲骨文(Oracle)公司的一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE 多版本Libraries 存在安全漏洞,该漏洞使未经身份验证的攻击者可以通过多种协议访问网络,从而损害Java SE,嵌入式Java SE,受影响产品及版本如下:Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://www.oracle.com/security-alerts/cpuoct2020.html
参考网址
来源:DEBIAN
链接:https://www.debian.org/security/2020/dsa-4779
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2020/10/msg00031.html
来源:GENTOO
链接:https://security.gentoo.org/glsa/202101-19
来源:CONFIRM
链接:https://security.netapp.com/advisory/ntap-20201023-0004/
来源:MISC
链接:https://www.oracle.com/security-alerts/cpuoct2020.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0914
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4058/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-6/
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Oracle-Java-OpenJDK-vulnerabilities-of-October-2020-33649
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3648/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160571/Red-Hat-Security-Advisory-2020-5585-01.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2020/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-oct-2020-cpu-cve-2020-14779cve-2020-14796-cve-2020-14797cve-2020-14798/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159678/Red-Hat-Security-Advisory-2020-4307-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4454/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4389/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lms-on-premise-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2020-includes-oracle-oct-2020-cpu/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-ibm-websphere-application-server-in-ibm-cloud-4/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-java-affects-ibm-cloud-application-business-insights/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4098/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-netcool-impact-3/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-may-affect-ibm-sdk-java-technology-edition-6/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affects-websphere-application-server-october-2020-cpu-that-is-bundled-with-ibm-websphere-application-server-patterns/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3664/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-october-2020-affect-ibm-infosphere-information-server/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-20/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-cics-tx-on-cloud-4/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-14/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-linux-kernel-and-java-affect-ibm-spectrum-protect-plus/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1216
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-z-tpf-5/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affect-ibm-spectrum-conductor-and-ibm-spectrum-conductor-with-spark-3/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4201/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0720
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-sdk-java-technology-edition-version-7-version-8-that-is-used-by-ibm-workload-scheduler-4/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161088/Gentoo-Linux-Security-Advisory-202101-19.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0569
来源:www.oracle.com
链接:https://www.oracle.com/security-alerts/cpuoct2020.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3772.2/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-directory-server-4/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-websphere-cast-iron-solution-app-connect-professional-5/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-content-collector-for-sap-applications-2/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159719/Red-Hat-Security-Advisory-2020-4348-01.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-java-affecting-watson-knowledge-catalog-for-ibm-cloud-pak-for-data/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159744/Ubuntu-Security-Notice-USN-4607-1.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-may-affect-ibm-sdk-java-technology-edition-5/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2020-includes-oracle-oct-2020-cpu-affects-ibm-tivoli-composite-application-manager-for-transactions-robotic-response-time/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-15/
来源:www.ibm.com
链接:https://www.ibm.com/support/pages/node/6518920
来源:www.nsfocus.net
链接:http://www.nsfocus.net/vulndb/50408
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-private-is-vulnerable-to-java-vulnerabilities-cve-2020-14792-cve-2020-14797-cve-2020-14781-cve-2020-14779-cve-2020-14798-cve-2020-14796/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-ibm-java-sdk-april-2021-cpu-plus-affect-multiple-ibm-continuous-engineering-products-based-on-ibm-jazz-technology/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-se-affects-ibm-elastic-storage-system/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160053/Ubuntu-Security-Notice-USN-4607-2.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-18/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3929/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-command-center-has-addressed-multiple-vulnerabilities-q12021/
来源:access.redhat.com
链接:https://access.redhat.com/security/cve/cve-2020-14797
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-vulnerability-in-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2020/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3694.2/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0012/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2020-includes-oracle-oct-2020-cpu-minus-cve-2020-14781-and-cve-2020-14782-affecting-infosphere-streams-4-3/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3771/
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-14797
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0072/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-march-2021-multiple-vulnerabilities-in-ibm-java-runtime-affect-cics-transaction-gateway/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-pak-for-automation-3/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-october-2020-patch-update-for-java/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4319.2/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-messagegateway-cve-2020-14797-cve-2020-14779-cve-2020-14796/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-java-sdk-affects-ibm-voice-gateway-4/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-13/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-oct-2020-cpu/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-watson-explorer-cve-2020-14797/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0061/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-sdk-java-technology-edition-affect-ibm-operational-decision-manager-oct-2020-and-jan-2021-cpus/
受影响实体
暂无
补丁
- OpenJDK 安全漏洞的修复措施<!--2020-10-20-->
还没有评论,来说两句吧...