CVE-2019-2422
Severity
3.1LOW
EPSS
0.3%
top 44.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 16
Latest updateMay 13
Description
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4
Affected Packages13 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 8.0, 8.6, 7.6
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-9hmr-2699-952q: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries)↗2022-05-13
CVEList▶
CVE-2019-2422: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries)↗2019-01-16
OSV▶
CVE-2019-2422: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries)↗2019-01-16
📋Vendor Advisories
5Debian▶
CVE-2019-2422: openjdk-11 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Librarie...↗2019
💬Community
1Bugzilla
▶