Search

GlobalSCAPE Knowledge Base

DMZ Gateway and OpenJDK Vulnerabilities

2 days ago @ 9:43 PM
ivasquez
DMZ Gateway

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • DMZ Gateway 4.0

DISCUSSION

This notice is for informational purposes only and is intended to provide you with the latest update from Globalscape regarding the vulnerabilities in OpenJDK which is part of Java. Globalscape deems the risk posed by this issue to be low or not applicable, but we strive to be transparent with any issues that may arise.

The following list will be updated with any new identified vulnerabilities or customer requests.

CVE

Vulnerability

Globalscape Response

CVE-2022-

21426

Oracle Java SE

Oracle GraalVM Enterprise edition

in JAXP component

This vulnerability applies to Java deployments, typically in clients running sandboxed

Java Web Start applications or sandboxed Java applets, that run untrusted code.

DMZ does not have any interface which can execute outside code.

Additionally, DMZ does not have any API endpoints that can be called from outside to exchange data.

CVE-2022-

21434

Oracle Java SE

Oracle GraalVM Enterprise edition

in JAXP component

This vulnerability applies to Java deployments, typically in clients running sandboxed

Java Web Start applications or sandboxed Java applets, that run untrusted code.

DMZ does not have any interface which can execute outside code.

Additionally, DMZ does not have any API endpoints that can be called from outside to exchange data.

CVE-2022-

21443

Oracle Java SE

Oracle GraalVM Enterprise edition

in JAXP component

This vulnerability applies to Java deployments, typically in clients running sandboxed

Java Web Start applications or sandboxed Java applets, that run untrusted code.

DMZ does not have any interface which can execute outside code.

Additionally, DMZ does not have any API endpoints that can be called from outside to exchange data.

CVE-2022-

21476

Oracle Java SE

Oracle GraalVM Enterprise edition

in JAXP component

This vulnerability applies to Java deployments, typically in clients running sandboxed

Java Web Start applications or sandboxed Java applets, that run untrusted code.

DMZ does not have any interface which can execute outside code.

Additionally, DMZ does not have any API endpoints that can be called from outside to exchange data.

CVE-2022-

21496

Oracle Java SE

Oracle GraalVM Enterprise edition

in JAXP component

This vulnerability applies to Java deployments, typically in clients running sandboxed

Java Web Start applications or sandboxed Java applets, that run untrusted code.

DMZ does not have any interface which can execute outside code.

Additionally, DMZ does not have any API endpoints that can be called from outside to exchange data.
If you would like more information on the new vulnerabilities in Java, please view the following link:

If you have any further questions or concerns, please do not hesitate to contact Support.


Share Article

On a scale of 1-5, please rate the helpfulness of this article



Not Helpful
Very Helpful
Optionally provide additional feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: 2 days ago @ 9:43 PM
Last Modified By: ivasquez
Type: INFO
Article not rated yet.
Article has been viewed 111 times.
Options
Print Article
Export As PDF
Also In This Category
Customer Support Software By InstantKB 2020 Final
Execution: 0.000. 9 queries. Compression Disabled.