CLSA-2022-1653507078

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2022-1653507078

Upstream

CVE-2022-21426

CVE-2022-21434

CVE-2022-21443

CVE-2022-21476

CVE-2022-21496

Published

2022-05-25T19:31:18Z

Modified

2026-06-01T00:33:10.806256406Z

Summary

Fixed of 5 CVEs in java-1.8.0-openjdk

Details

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs:
CVE-2022-21476: Defective secure validation in Apache Santuario
CVE-2022-21496: URI parsing inconsistencies
CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler
CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions
CVE-2022-21443: Missing check for negative ObjectIdentifier
Remove patch files from previous change due to their presence in newer versions

References

https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1653507078.html

Affected packages

TuxCare:CentOS:8.4

java-1.8.0-openjdk

Package

Name: java-1.8.0-openjdk
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-accessibility

Package

Name: java-1.8.0-openjdk-accessibility
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-accessibility-fastdebug

Package

Name: java-1.8.0-openjdk-accessibility-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-accessibility-slowdebug

Package

Name: java-1.8.0-openjdk-accessibility-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-demo

Package

Name: java-1.8.0-openjdk-demo
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-demo?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-demo-fastdebug

Package

Name: java-1.8.0-openjdk-demo-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-demo-slowdebug

Package

Name: java-1.8.0-openjdk-demo-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-devel

Package

Name: java-1.8.0-openjdk-devel
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-devel-fastdebug

Package

Name: java-1.8.0-openjdk-devel-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-devel-slowdebug

Package

Name: java-1.8.0-openjdk-devel-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-fastdebug

Package

Name: java-1.8.0-openjdk-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-headless

Package

Name: java-1.8.0-openjdk-headless
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-headless?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-headless-fastdebug

Package

Name: java-1.8.0-openjdk-headless-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-headless-slowdebug

Package

Name: java-1.8.0-openjdk-headless-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-javadoc

Package

Name: java-1.8.0-openjdk-javadoc
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-javadoc-zip

Package

Name: java-1.8.0-openjdk-javadoc-zip
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc-zip?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-slowdebug

Package

Name: java-1.8.0-openjdk-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-src

Package

Name: java-1.8.0-openjdk-src
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-src?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-src-fastdebug

Package

Name: java-1.8.0-openjdk-src-fastdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-src-fastdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"

java-1.8.0-openjdk-src-slowdebug

Package

Name: java-1.8.0-openjdk-src-slowdebug
Purl: pkg:rpm/tuxcare/java-1.8.0-openjdk-src-slowdebug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.332.b09-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1653507078.json"