CVE-2021-35567

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-35567
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-35567.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-35567
Related
Published
2021-10-20T11:16:38Z
Modified
2024-10-12T07:47:34.922623Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N).

References

Affected packages

Debian:11 / openjdk-11

Package

Name
openjdk-11
Purl
pkg:deb/debian/openjdk-11?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.13+8-1~deb11u1

Affected versions

11.*

11.0.12+7-2
11.0.13+8-1~deb10u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/debian/openjdk-17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.1+12-1+deb11u2

Affected versions

Other

17~19-1
17~24-1
17~27-1
17~29-1
17~31ea-1
17~33ea-1
17~35ea-1
17+35-1

17.*

17.0.1+12-1
17.0.1+12-1+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/debian/openjdk-17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.1+12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/debian/openjdk-17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.1+12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/graalvm/graalvm-ce-builds

Affected ranges

Type
GIT
Repo
https://github.com/graalvm/graalvm-ce-builds
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Type
GIT
Repo
https://github.com/openjdk/jdk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

Other

jdk-10+0
jdk-10+1
jdk-10+10
jdk-10+11
jdk-10+12
jdk-10+13
jdk-10+14
jdk-10+15
jdk-10+16
jdk-10+17
jdk-10+18
jdk-10+19
jdk-10+2
jdk-10+20
jdk-10+21
jdk-10+22
jdk-10+23
jdk-10+24
jdk-10+25
jdk-10+26
jdk-10+27
jdk-10+28
jdk-10+29
jdk-10+3
jdk-10+30
jdk-10+31
jdk-10+32
jdk-10+33
jdk-10+34
jdk-10+35
jdk-10+36
jdk-10+37
jdk-10+38
jdk-10+39
jdk-10+4
jdk-10+40
jdk-10+41
jdk-10+42
jdk-10+43
jdk-10+44
jdk-10+45
jdk-10+46
jdk-10+5
jdk-10+6
jdk-10+7
jdk-10+8
jdk-10+9
jdk-11+0
jdk-11+1
jdk-11+10
jdk-11+11
jdk-11+12
jdk-11+13
jdk-11+14
jdk-11+15
jdk-11+16
jdk-11+17
jdk-11+18
jdk-11+19
jdk-11+2
jdk-11+20
jdk-11+21
jdk-11+22
jdk-11+23
jdk-11+24
jdk-11+25
jdk-11+26
jdk-11+27
jdk-11+28
jdk-11+3
jdk-11+4
jdk-11+5
jdk-11+6
jdk-11+7
jdk-11+8
jdk-11+9
jdk-11-ga
jdk-12+0
jdk-12+1
jdk-12+10
jdk-12+11
jdk-12+12
jdk-12+13
jdk-12+14
jdk-12+15
jdk-12+16
jdk-12+17
jdk-12+18
jdk-12+19
jdk-12+2
jdk-12+20
jdk-12+21
jdk-12+22
jdk-12+23
jdk-12+24
jdk-12+25
jdk-12+26
jdk-12+27
jdk-12+28
jdk-12+29
jdk-12+3
jdk-12+30
jdk-12+31
jdk-12+32
jdk-12+33
jdk-12+4
jdk-12+5
jdk-12+6
jdk-12+7
jdk-12+8
jdk-12+9
jdk-12-ga
jdk-13+0
jdk-13+1
jdk-13+10
jdk-13+11
jdk-13+12
jdk-13+13
jdk-13+14
jdk-13+15
jdk-13+16
jdk-13+17
jdk-13+18
jdk-13+19
jdk-13+2
jdk-13+20
jdk-13+21
jdk-13+22
jdk-13+23
jdk-13+24
jdk-13+25
jdk-13+26
jdk-13+27
jdk-13+28
jdk-13+29
jdk-13+3
jdk-13+30
jdk-13+31
jdk-13+32
jdk-13+33
jdk-13+4
jdk-13+5
jdk-13+6
jdk-13+7
jdk-13+8
jdk-13+9
jdk-13-ga
jdk-14+0
jdk-14+1
jdk-14+10
jdk-14+11
jdk-14+12
jdk-14+13
jdk-14+14
jdk-14+15
jdk-14+16
jdk-14+17
jdk-14+18
jdk-14+19
jdk-14+2
jdk-14+20
jdk-14+21
jdk-14+22
jdk-14+23
jdk-14+24
jdk-14+25
jdk-14+26
jdk-14+27
jdk-14+28
jdk-14+29
jdk-14+3
jdk-14+30
jdk-14+31
jdk-14+32
jdk-14+33
jdk-14+34
jdk-14+35
jdk-14+36
jdk-14+4
jdk-14+5
jdk-14+6
jdk-14+7
jdk-14+8
jdk-14+9
jdk-14-ga
jdk-15+0
jdk-15+1
jdk-15+10
jdk-15+11
jdk-15+12
jdk-15+13
jdk-15+14
jdk-15+15
jdk-15+16
jdk-15+17
jdk-15+18
jdk-15+19
jdk-15+2
jdk-15+20
jdk-15+21
jdk-15+22
jdk-15+23
jdk-15+24
jdk-15+25
jdk-15+26
jdk-15+27
jdk-15+28
jdk-15+29
jdk-15+3
jdk-15+30
jdk-15+31
jdk-15+32
jdk-15+33
jdk-15+34
jdk-15+35
jdk-15+36
jdk-15+4
jdk-15+5
jdk-15+6
jdk-15+7
jdk-15+8
jdk-15+9
jdk-15-ga
jdk-16+0
jdk-16+1
jdk-16+10
jdk-16+11
jdk-16+12
jdk-16+13
jdk-16+14
jdk-16+15
jdk-16+16
jdk-16+17
jdk-16+18
jdk-16+19
jdk-16+2
jdk-16+20
jdk-16+21
jdk-16+22
jdk-16+23
jdk-16+24
jdk-16+25
jdk-16+26
jdk-16+27
jdk-16+28
jdk-16+29
jdk-16+3
jdk-16+30
jdk-16+31
jdk-16+32
jdk-16+33
jdk-16+34
jdk-16+35
jdk-16+36
jdk-16+4
jdk-16+5
jdk-16+6
jdk-16+7
jdk-16+8
jdk-16+9
jdk-16-ga
jdk-17+0
jdk-17+1
jdk-17+10
jdk-17+11
jdk-17+12
jdk-17+13
jdk-17+14
jdk-17+15
jdk-17+16
jdk-17+17
jdk-17+18
jdk-17+19
jdk-17+2
jdk-17+20
jdk-17+21
jdk-17+22
jdk-17+23
jdk-17+24
jdk-17+25
jdk-17+26
jdk-17+27
jdk-17+28
jdk-17+29
jdk-17+3
jdk-17+30
jdk-17+31
jdk-17+32
jdk-17+33
jdk-17+34
jdk-17+35
jdk-17+4
jdk-17+5
jdk-17+6
jdk-17+7
jdk-17+8
jdk-17+9
jdk-17-ga
jdk-18+0
jdk-9+100
jdk-9+101
jdk-9+102
jdk-9+103
jdk-9+104
jdk-9+105
jdk-9+106
jdk-9+107
jdk-9+108
jdk-9+109
jdk-9+110
jdk-9+111
jdk-9+112
jdk-9+113
jdk-9+114
jdk-9+115
jdk-9+116
jdk-9+117
jdk-9+118
jdk-9+119
jdk-9+120
jdk-9+121
jdk-9+122
jdk-9+123
jdk-9+124
jdk-9+125
jdk-9+126
jdk-9+127
jdk-9+128
jdk-9+129
jdk-9+130
jdk-9+131
jdk-9+132
jdk-9+133
jdk-9+134
jdk-9+135
jdk-9+136
jdk-9+137
jdk-9+138
jdk-9+139
jdk-9+140
jdk-9+141
jdk-9+142
jdk-9+143
jdk-9+144
jdk-9+145
jdk-9+146
jdk-9+147
jdk-9+148
jdk-9+149
jdk-9+150
jdk-9+151
jdk-9+152
jdk-9+153
jdk-9+154
jdk-9+155
jdk-9+156
jdk-9+157
jdk-9+158
jdk-9+159
jdk-9+160
jdk-9+161
jdk-9+162
jdk-9+163
jdk-9+164
jdk-9+165
jdk-9+166
jdk-9+167
jdk-9+168
jdk-9+169
jdk-9+170
jdk-9+171
jdk-9+172
jdk-9+173
jdk-9+174
jdk-9+175
jdk-9+176
jdk-9+177
jdk-9+178
jdk-9+179
jdk-9+180
jdk-9+181
jdk-9+95
jdk-9+96
jdk-9+97
jdk-9+98
jdk-9+99
jdk7-b100
jdk7-b101
jdk7-b102
jdk7-b103
jdk7-b104
jdk7-b105
jdk7-b106
jdk7-b107
jdk7-b108
jdk7-b109
jdk7-b110
jdk7-b111
jdk7-b112
jdk7-b113
jdk7-b114
jdk7-b115
jdk7-b116
jdk7-b117
jdk7-b118
jdk7-b119
jdk7-b120
jdk7-b121
jdk7-b122
jdk7-b123
jdk7-b124
jdk7-b125
jdk7-b126
jdk7-b127
jdk7-b128
jdk7-b129
jdk7-b130
jdk7-b131
jdk7-b132
jdk7-b133
jdk7-b134
jdk7-b135
jdk7-b136
jdk7-b137
jdk7-b138
jdk7-b139
jdk7-b140
jdk7-b141
jdk7-b142
jdk7-b143
jdk7-b144
jdk7-b145
jdk7-b146
jdk7-b147
jdk7-b24
jdk7-b25
jdk7-b26
jdk7-b27
jdk7-b28
jdk7-b29
jdk7-b30
jdk7-b31
jdk7-b32
jdk7-b33
jdk7-b34
jdk7-b35
jdk7-b36
jdk7-b37
jdk7-b38
jdk7-b39
jdk7-b40
jdk7-b41
jdk7-b42
jdk7-b43
jdk7-b44
jdk7-b45
jdk7-b46
jdk7-b47
jdk7-b48
jdk7-b49
jdk7-b50
jdk7-b51
jdk7-b52
jdk7-b53
jdk7-b54
jdk7-b55
jdk7-b56
jdk7-b57
jdk7-b58
jdk7-b59
jdk7-b60
jdk7-b61
jdk7-b62
jdk7-b63
jdk7-b64
jdk7-b65
jdk7-b66
jdk7-b67
jdk7-b68
jdk7-b69
jdk7-b70
jdk7-b71
jdk7-b72
jdk7-b73
jdk7-b74
jdk7-b75
jdk7-b76
jdk7-b77
jdk7-b78
jdk7-b79
jdk7-b80
jdk7-b81
jdk7-b82
jdk7-b83
jdk7-b84
jdk7-b85
jdk7-b86
jdk7-b87
jdk7-b88
jdk7-b89
jdk7-b90
jdk7-b91
jdk7-b92
jdk7-b93
jdk7-b94
jdk7-b95
jdk7-b96
jdk7-b97
jdk7-b98
jdk7-b99
jdk8-b01
jdk8-b02
jdk8-b03
jdk8-b04
jdk8-b05
jdk8-b06
jdk8-b07
jdk8-b08
jdk8-b09
jdk8-b10
jdk8-b100
jdk8-b101
jdk8-b102
jdk8-b103
jdk8-b104
jdk8-b105
jdk8-b106
jdk8-b107
jdk8-b108
jdk8-b109
jdk8-b11
jdk8-b110
jdk8-b111
jdk8-b112
jdk8-b113
jdk8-b114
jdk8-b115
jdk8-b116
jdk8-b117
jdk8-b118
jdk8-b119
jdk8-b12
jdk8-b120
jdk8-b13
jdk8-b14
jdk8-b15
jdk8-b16
jdk8-b17
jdk8-b18
jdk8-b19
jdk8-b20
jdk8-b21
jdk8-b22
jdk8-b23
jdk8-b24
jdk8-b25
jdk8-b26
jdk8-b27
jdk8-b28
jdk8-b29
jdk8-b30
jdk8-b31
jdk8-b32
jdk8-b33
jdk8-b34
jdk8-b35
jdk8-b36
jdk8-b37
jdk8-b38
jdk8-b39
jdk8-b40
jdk8-b41
jdk8-b42
jdk8-b43
jdk8-b44
jdk8-b45
jdk8-b46
jdk8-b47
jdk8-b48
jdk8-b49
jdk8-b50
jdk8-b51
jdk8-b52
jdk8-b53
jdk8-b54
jdk8-b55
jdk8-b56
jdk8-b57
jdk8-b58
jdk8-b59
jdk8-b60
jdk8-b61
jdk8-b62
jdk8-b63
jdk8-b64
jdk8-b65
jdk8-b66
jdk8-b67
jdk8-b68
jdk8-b69
jdk8-b70
jdk8-b71
jdk8-b72
jdk8-b73
jdk8-b74
jdk8-b75
jdk8-b76
jdk8-b77
jdk8-b78
jdk8-b79
jdk8-b80
jdk8-b81
jdk8-b82
jdk8-b83
jdk8-b84
jdk8-b85
jdk8-b86
jdk8-b87
jdk8-b88
jdk8-b89
jdk8-b90
jdk8-b91
jdk8-b92
jdk8-b93
jdk8-b94
jdk8-b95
jdk8-b96
jdk8-b97
jdk8-b98
jdk8-b99
jdk9-b00
jdk9-b01
jdk9-b02
jdk9-b03
jdk9-b04
jdk9-b05
jdk9-b06
jdk9-b07
jdk9-b08
jdk9-b09
jdk9-b10
jdk9-b11
jdk9-b12
jdk9-b13
jdk9-b14
jdk9-b15
jdk9-b16
jdk9-b17
jdk9-b18
jdk9-b19
jdk9-b20
jdk9-b21
jdk9-b22
jdk9-b23
jdk9-b24
jdk9-b25
jdk9-b26
jdk9-b27
jdk9-b28
jdk9-b29
jdk9-b30
jdk9-b31
jdk9-b32
jdk9-b33
jdk9-b34
jdk9-b35
jdk9-b36
jdk9-b37
jdk9-b38
jdk9-b39
jdk9-b40
jdk9-b41
jdk9-b42
jdk9-b43
jdk9-b44
jdk9-b45
jdk9-b46
jdk9-b47
jdk9-b48
jdk9-b49
jdk9-b50
jdk9-b51
jdk9-b52
jdk9-b53
jdk9-b54
jdk9-b55
jdk9-b56
jdk9-b57
jdk9-b58
jdk9-b59
jdk9-b60
jdk9-b61
jdk9-b62
jdk9-b63
jdk9-b64
jdk9-b65
jdk9-b66
jdk9-b67
jdk9-b68
jdk9-b69
jdk9-b70
jdk9-b71
jdk9-b72
jdk9-b73
jdk9-b74
jdk9-b75
jdk9-b76
jdk9-b77
jdk9-b78
jdk9-b79
jdk9-b80
jdk9-b81
jdk9-b82
jdk9-b83
jdk9-b84
jdk9-b85
jdk9-b86
jdk9-b87
jdk9-b88
jdk9-b89
jdk9-b90
jdk9-b91
jdk9-b92
jdk9-b93
jdk9-b94

vm-19.*

vm-19.3.2
vm-19.3.2-pre
vm-19.3.3
vm-19.3.4
vm-19.3.5
vm-19.3.6

vm-20.*

vm-20.0.1
vm-20.1.0
vm-20.2.0
vm-20.3.0
vm-20.3.1
vm-20.3.1.2
vm-20.3.2
vm-20.3.3

vm-21.*

vm-21.0.0
vm-21.0.0.2
vm-21.1.0