CVE-2020-2754

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-2754

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2754.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-2754

Related

Published

2020-04-15T14:15:25Z

Modified

2024-09-11T08:14:25.891910Z

Severity

3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

References

Affected packages

Debian:11 / openjdk-11

Package

Name: openjdk-11
Purl: pkg:deb/debian/openjdk-11?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.0.7+10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/openjdk/jdk

Affected ranges

Type: GIT
Repo: https://github.com/openjdk/jdk
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0620440d1f92448c18cedb790913579beaff19d8

Last affected

0bd0f10d2c5965369490624627f16a39d35c8734

Last affected

0d3829a2c5a70961ffc539865adc1442c1a30bb1

Last affected

13ad3ed8b99f8c872eebb5d0bb647d5bb44ea0b5

Last affected

1408dbfdbe550dcdea4cb9a849fab6cb371ded18

Last affected

1c11f83e9262d3bf07b9d095a7b1d3659f1f2a9e

Last affected

22e500e3a917594cd93baaf8b5c7d29360d250d1

Last affected

27cab0e0c87f124277c7afeb5dd6a8750443804e

Last affected

34063e3656db6d0cadb9168f37024e6e66fc2372

Last affected

38378b7ee032d70653b3f0d4205f2305cf4f1170

Last affected

38930ae468910fb1d763f18c1d9473beffa7f3cb

Last affected

423befc9a0123b2cf13041f8acbb2a0000ddccdc

Last affected

493ac9ee8f9c4fb66b687bd740b8e1fb5ee8b86a

Last affected

6412341d454eee8a151cf89b51cabfb7b3d87140

Last affected

69efabad3d8a2ff47a62a4626c574a56edec1cfd

Last affected

6c04fd835e86522d2136ee663e19cfd5f71b9aa8

Last affected

7517b9d19367e1f057e5450d7871135b5f878d02

Last affected

7588f37667fd2a8c00d9a1a6e1afc605b75e0dc2

Last affected

75c48b0d1b36d9361a412ee2db2f51b7d9b6ef1c

Last affected

7ba83041b1d65545833655293d0976dfd1ffdea8

Last affected

7c18f827d7f096cbeb96b086a8516754f0c70221

Last affected

7ff3916e57ab852014885c3e7bdb95e5c1ed8c1e

Last affected

81ecd2932e0caee8ed01955fccc9e958c6a5cda3

Last affected

8261ee6da3c5843806c20808cc4206c73bb0efac

Last affected

82d185e64838992b019c90133d508d479d5ced0a

Last affected

880e09412543af479bc335faeda6196489a2a045

Last affected

88b37fb2a8aecf2b0afa75904d212da11919aa98

Last affected

925752098ba63b25c1cb635f50a53684d4094f8b

Last affected

ae39310243b0486f5a6f1049c6ec5f29db31170c

Last affected

b4b746fb274cb65f8cbf4a884bb20749a8f35d2b

Last affected

ba79b2bcce1ceefdeb44bb7075bc5d2647a56834

Last affected

bd04d75035a888d5034c5f7e2e0508d1d28d14af

Last affected

c1ff9b2e3b5e31e5874ca7d7a38ea4fbd9bbdd5d

Last affected

cfa6e0878b1aff48b521ee21d2598abe7f4964c2

Last affected

d08e6435e4026542e4d4bffdf12748e83ef0f9fb

Last affected

d38a1f186d640dede9fccb727ec98db3a413f9d8

Last affected

d49120d46668eaaab9df465a9ee17b696cb4e37f

Last affected

e21ea57f72b20424ac38930bcf56513cd42642e5

Last affected

e514f9072fc6ea3d2ad4e9a81251bf1fc1ed1eb6

Last affected

e7187d14db3748428c4a312203549f7ee31d4471

Last affected

e7d87b234c444e39369e8575284f785c56113324

Last affected

e9a2e84e45e1120aa306a01dfb087200f6a7f903

Last affected

ed6697aa20e3f9c17a496a544b10bfe3543de38f

Affected versions

Other

jdk7-b24

jdk7-b25

jdk7-b26

jdk7-b27

jdk7-b28

jdk7-b29

jdk7-b30

jdk7-b31

jdk7-b32

jdk7-b33

jdk7-b34

jdk7-b35

jdk7-b36

jdk7-b37

jdk7-b38

jdk7-b39

jdk7-b40

jdk7-b41

jdk7-b42

jdk7-b43

jdk7-b44

jdk7-b45