Oracle JDK 14

CPE Details

Oracle JDK 14
oracle
jdk
14
2020-03-19
12h00 +00:00
2020-03-19
12h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:jdk:14:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

jdk

Version

14

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-45146 2022-11-20 23h00 +00:00 An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module, resulting in errors or potential information loss. NOTE: FIPS compliant users are unaffected because the FIPS certification is only for Java 7, 8, and 11.
5.5
Medium
CVE-2022-22965 2022-04-01 22h17 +00:00 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
9.8
Critical