Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2022-21299

CVSSv4: NA | CVSSv3: 5.3 | CVSSv2: 5 | VMScore: 630 | EPSS: 0.00049 | KEV: Not Included
Published: 19/01/2022 Updated: 21/11/2024

Vulnerability Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle graalvm 20.3.4

oracle graalvm 21.3.0

oracle jdk 1.7.0

oracle jdk 1.8.0

oracle jdk 11.0.13

oracle jdk 17.0.1

oracle jre 1.7.0

oracle jre 1.8.0

oracle jre 11.0.13

oracle jre 17.0.1

netapp 7-mode transition tool -

netapp active iq unified manager -

netapp cloud insights acquisition unit -

netapp cloud secure agent -

netapp e-series santricity os controller

netapp e-series santricity storage manager -

netapp e-series santricity web services -

netapp hci management node -

netapp oncommand insight -

netapp oncommand workflow automation -

netapp santricity storage plugin -

netapp santricity unified manager -

netapp snapmanager -

netapp solidfire -

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

oracle openjdk

oracle openjdk 7

oracle openjdk 8

oracle openjdk 17

oracle openjdk 17.0.1

Vendor Advisories

Ubuntu Security Notice: USN-5313-1: OpenJDK vulnerabilities
Several security issues were fixed in OpenJDK ...
Ubuntu Security Notice: USN-5313-2: OpenJDK 11 regression
USN-5313-1 introduced a regression in OpenJDK 11 ...
Debian Security Advisories: DSA-5058-1 openjdk-17 -- security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure For the stable distribution (bullseye), these problems have been fixed in version 1702+8-1~deb11u1 We recommend that you upgrade your openjdk-17 packages For the detai ...
Debian Security Advisories: DSA-5057-1 openjdk-11 -- security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure For the oldstable distribution (buster), these problems have been fixed in version 11014+9-1~deb10u1 For the stable distribution (bullseye), these problems have been fi ...
Amazon Linux AMI: ALAS-2022-1633
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux AMI: ALAS-2022-1631
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux 2: ALAS2-2022-1753
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux 2: ALAS2-2022-1821
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux 2: ALAS2-2022-1752
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux 2: ALAS2-2022-1835
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Produ ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this ...
Red Hat: Moderate: OpenJDK 8u322 security update for Portable Linux Builds
Synopsis Moderate: OpenJDK 8u322 security update for Portable Linux Builds Type/Severity Security Advisory: Moderate Topic The Red Hat build of OpenJDK 8 (java-180-openjdk) is now available for portable LinuxRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ...
Red Hat: Moderate: OpenJDK 8u322 Windows builds release and security update
Synopsis Moderate: OpenJDK 8u322 Windows builds release and security update Type/Severity Security Advisory: Moderate Topic The Red Hat build of OpenJDK 8 (java-180-openjdk) is now available for WindowsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base s ...
Red Hat: Moderate: java-1.7.1-ibm security update
Synopsis Moderate: java-171-ibm security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-171-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rate ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed ...
Red Hat: Moderate: java-1.8.0-openjdk security and bug fix update
Synopsis Moderate: java-180-openjdk security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security ha ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Produ ...
Red Hat: Moderate: Release of OpenShift Serverless 1.21.0
Synopsis Moderate: Release of OpenShift Serverless 1210 Type/Severity Security Advisory: Moderate Topic Release of OpenShift Serverless 1210Red Hat Product Security has rated this update as having a security impact ofModerate A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for ...
Red Hat: Moderate: OpenShift Container Platform 4.8.31 security update
Synopsis Moderate: OpenShift Container Platform 4831 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4831 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platfo ...
Red Hat: Moderate: OpenShift Container Platform 4.7.43 security update
Synopsis Moderate: OpenShift Container Platform 4743 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4743 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platfo ...
Red Hat: Moderate: OpenShift Container Platform 4.7.43 security update
Synopsis Moderate: OpenShift Container Platform 4743 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4743 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platfo ...
Red Hat: Moderate: OpenShift Container Platform 4.7.42 security update
Synopsis Moderate: OpenShift Container Platform 4742 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4742 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platfo ...
Red Hat: Important: Red Hat Single Sign-On 7.4.10 on OpenJDK for OpenShift image security update
Synopsis Important: Red Hat Single Sign-On 7410 on OpenJDK for OpenShift image security update Type/Severity Security Advisory: Important Topic A new image is available for Red Hat Single Sign-On 7410 on OpenJDK, running on OpenShift Container Platform 310 and 311, and 43 Description Red Hat Single Sign-On is an integrated sign-on s ...
Red Hat: Important: Red Hat Single Sign-On 7.5.1 for OpenShift image security and enhancement update
Synopsis Important: Red Hat Single Sign-On 751 for OpenShift image security and enhancement update Type/Severity Security Advisory: Important Topic A new image is available for Red Hat Single Sign-On 751, running on OpenShift Container Platform 310 and 311, and 49Red Hat Product Security has rated this update as having a security impa ...
Red Hat: Moderate: Red Hat Single Sign-On 7.4.10 on OpenJ9 for OpenShift image security update
Synopsis Moderate: Red Hat Single Sign-On 7410 on OpenJ9 for OpenShift image security update Type/Severity Security Advisory: Moderate Topic A new image is available for Red Hat Single Sign-On 7410 on OpenJ9, running on OpenShift Container Platform 310 and 311, and 43Red Hat Product Security has rated this update as having a security ...
Red Hat: Moderate: Red Hat Single Sign-On 7.4.10 on OpenJDK for OpenShift image security update
Synopsis Moderate: Red Hat Single Sign-On 7410 on OpenJDK for OpenShift image security update Type/Severity Security Advisory: Moderate Topic A new image is available for Red Hat Single Sign-On 7410 on OpenJDK, running on OpenShift Container Platform 310 and 311, and 43Red Hat Product Security has rated this update as having a securit ...
Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update
Synopsis Moderate: Red Hat JBoss Enterprise Application Platform 745 security update Type/Severity Security Advisory: Moderate Topic A security update is now available for Red Hat JBoss Enterprise Application Platform 74Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring S ...
Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7
Synopsis Moderate: Red Hat JBoss Enterprise Application Platform 745 security update on RHEL 7 Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic A security update is now available for Red Hat JBoss Enterprise Application P ...
Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8
Synopsis Moderate: Red Hat JBoss Enterprise Application Platform 745 security update on RHEL 8 Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic A security update is now available for Red Hat JBoss Enterprise Application P ...
Amazon Linux 2022: ALAS2022-2022-047
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Amazon Linux 2022: ALAS2022-2022-037
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization) Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11013, 1701; Oracle GraalVM Enterprise Edition: 2034 and 2130 Difficult to exploit vulnerability allows unauthenticated attacker with network acce ...
Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus
Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2022-21248, CVE-2022-21271, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-202 ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center CVE-2022-21248, CVE-2022-21271, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-212 ...

References

NVD-CWE-noinfohttps://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5313-1https://www.first.org/epsshttps://lists.debian.org/debian-lts-announce/2022/02/msg00011.htmlhttps://security.gentoo.org/glsa/202209-05https://security.netapp.com/advisory/ntap-20220121-0007/https://security.netapp.com/advisory/ntap-20240621-0006/https://www.debian.org/security/2022/dsa-5057https://www.debian.org/security/2022/dsa-5058https://www.oracle.com/security-alerts/cpujan2022.htmlhttps://lists.debian.org/debian-lts-announce/2022/02/msg00011.htmlhttps://security.gentoo.org/glsa/202209-05https://security.netapp.com/advisory/ntap-20220121-0007/https://security.netapp.com/advisory/ntap-20240621-0006/https://www.debian.org/security/2022/dsa-5057https://www.debian.org/security/2022/dsa-5058https://www.oracle.com/security-alerts/cpujan2022.html
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
realteofile inclusionCVE-2025-27363fortinetCVE-2025-2263CVE-2025-29782CVE-2025-1266CVE-2025-24985command injectionCVE-2025-2304camaleon-cms*insecure direct object reference
Home
/
Search Results
/
CVE-2022-21299
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook