CLSA-2024-1724259539

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1724259539.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1724259539
Upstream
Published
2024-08-21T16:59:02Z
Modified
2026-05-29T01:19:28.764942544Z
Summary
java-1.8.0-openjdk: Fix of 6 CVEs
Details
  • Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs:
  • CVE-2024-21131: UTF8 size overflow
  • CVE-2024-21138: Infinite loop vunlerability in SymbolTable
  • CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE)
  • CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time
  • CVE-2024-21145: Out-of-bounds access in MaskFill
  • CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)
References

Affected packages