CVE-2020-14803

CWE-36711 documents9 sources
Severity
5.3MEDIUM
EPSS
0.0%
top 87.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Netapp E-series Santricity OS ControllerOracle Corporation Graalvm Enterprise EditionOracle Corporation Java SE JDK AND JRE+7 more
Timeline
PublishedOct 21
Latest updateMay 24

Description

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Sta

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages10 packages

CVEListV5oracle_corporation/java_se_jdk_and_jre15, Java SE: 11.0.8+1
NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3
NVDoracle/graalvm4 versions+3
NVDoracle/openjdk17 versions+16

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-5frm-fh7j-wpfx: Vulnerability in the Java SE product of Oracle Java SE (component: Libraries)2022-05-24
CVEList
CVE-2020-14803: Vulnerability in the Java SE product of Oracle Java SE (component: Libraries)2020-10-21
OSV
CVE-2020-14803: Vulnerability in the Java SE product of Oracle Java SE (component: Libraries)2020-10-21

📋Vendor Advisories

6
Oracle
Oracle Oracle GraalVM Risk Matrix: Java — CVE-2020-148032021-01-15
Ubuntu
OpenJDK regressions2020-11-12
Ubuntu
OpenJDK vulnerabilities2020-10-27
Red Hat
OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)2020-10-20
Oracle
Oracle Oracle GraalVM Risk Matrix: Java — CVE-2020-148032020-10-15

💬Community

1
Bugzilla
CVE-2020-14803 OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)2020-10-20