Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.1
CVSSv3

CVE-2019-2422

Published: 16/01/2019 Updated: 06/10/2022
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 3.1 | Impact Score: 1.4 | Exploitability Score: 1.6
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Subscribe to Jdk

Vulnerability Summary

It exists that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jdk 11.0.1

oracle jre 11.0.1

oracle jdk 1.8.0

oracle jdk 1.7.0

oracle jre 1.7.0

oracle jre 1.8.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

netapp oncommand unified manager

netapp oncommand workflow automation

netapp snapmanager -

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat satellite 5.8

redhat enterprise linux server tus 7.6

redhat enterprise linux server eus 7.6

redhat enterprise linux server 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux 8.0

redhat enterprise linux eus 8.6

debian debian linux 8.0

debian debian linux 9.0

opensuse leap 42.3

opensuse leap 15.0

hp xp7 command view

Vendor Advisories

Debian Security Advisories: DSA-4410-1 openjdk-8 -- security update
A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions For the stable distribution (stretch), this problem has been fixed in version 8u212-b01-1~deb9u1 We recommend that you upgrade your openjdk-8 packages For the detailed s ...
Ubuntu Security Notice: openjdk-7 vulnerability
Java applets or applications could be made to expose sensitive information ...
Ubuntu Security Notice: openjdk-lts vulnerability
Java applets or applications could be made to expose sensitive information ...
Ubuntu Security Notice: openjdk-8, openjdk-lts vulnerability
Java applets or applications could be made to expose sensitive information ...
Amazon Linux 2: ALAS2-2019-1177
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries) Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE Successful attacks require human interaction from a person other than the attacker Successful attacks of this vulnerability can resu ...
Red Hat: Moderate: java-11-openjdk security update
Synopsis Moderate: java-11-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Red Hat: Critical: java-1.8.0-ibm security update
Synopsis Critical: java-180-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring ...
Red Hat: Critical: java-1.8.0-ibm security update
Synopsis Critical: java-180-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring ...
Red Hat: Critical: java-1.7.1-ibm security update
Synopsis Critical: java-171-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-171-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring ...
Red Hat: Critical: java-1.7.1-ibm security update
Synopsis Critical: java-171-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-171-ibm is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring ...
Red Hat: Moderate: java-1.7.0-openjdk security update
Synopsis Moderate: java-170-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Moderate: java-1.8.0-ibm security update
Synopsis Moderate: java-180-ibm security update Type/Severity Security Advisory: Moderate Topic An update for java-180-ibm is now available for Red Hat Satellite 58Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Moderate: java-1.7.0-openjdk security update
Synopsis Moderate: java-170-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Critical: java-1.8.0-ibm security update
Synopsis Critical: java-180-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) ...
Amazon Linux AMI: ALAS-2019-1177
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries) Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE Successful attacks require human interaction from a person other than the attacker Successful attacks of this vulnerability can resu ...
Red Hat: CVE-2019-2422
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries) Supported versions that are affected are Java SE: 7u201, 8u192 and 1101; Java SE Embedded: 8u191 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE Successful attacks require human ...
Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus
Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2018-11212, CVE-2019-2422, CVE-2019-2426 Affected products and versions are listed below Please upgrade your version to the appropriate version These vulnerabilities exist in Cosminexus Developer's Kit for Java(TM) and Hita ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor
Multiple vulnerabilities have been found in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor CVE-2018-11212, CVE-2019-2422, CVE-2019-2426 Affected products and versions are listed below Please upgrade your version to the appropriate version, or apply the Workarounds ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlhttp://www.securityfocus.com/bid/106596https://security.netapp.com/advisory/ntap-20190118-0001/https://usn.ubuntu.com/3875-1/https://access.redhat.com/errata/RHSA-2019:0416https://access.redhat.com/errata/RHSA-2019:0436https://access.redhat.com/errata/RHSA-2019:0435https://access.redhat.com/errata/RHSA-2019:0464https://access.redhat.com/errata/RHSA-2019:0462https://access.redhat.com/errata/RHSA-2019:0469https://access.redhat.com/errata/RHSA-2019:0474https://access.redhat.com/errata/RHSA-2019:0473https://access.redhat.com/errata/RHSA-2019:0472https://security.gentoo.org/glsa/201903-14https://www.debian.org/security/2019/dsa-4410https://seclists.org/bugtraq/2019/Mar/27http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.htmlhttps://access.redhat.com/errata/RHSA-2019:0640https://lists.debian.org/debian-lts-announce/2019/03/msg00033.htmlhttps://usn.ubuntu.com/3942-1/https://usn.ubuntu.com/3949-1/https://access.redhat.com/errata/RHSA-2019:1238http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.htmlhttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_ushttps://nvd.nist.govhttps://www.debian.org/security/2019/dsa-4410https://usn.ubuntu.com/3942-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook