Skip to main content

Alerta de seguridad (A24-10-18): Múltiples vulnerabilidades en Oracle Java y productos Oracle (octubre de 2024)

octubre 17, 2024


Descripción:

Oracle ha publicado el aviso de actualización de parches críticos (CPU) con colecciones de parches para múltiples vulnerabilidades encontradas en Java SE y varios productos de Oracle. La lista de parches se puede encontrar en:
https://www.oracle.com/security-alerts/cpuoct2024.html

Sistemas afectados:

  • Oracle Java SE
  • Base de datos
  • Aplicaciones y middleware de fusión
  • Conjunto de productos Oracle MySQL
  • Base de datos NoSQL
  • Suite de productos Oracle y Sun Systems

Puede encontrar una lista completa de los productos afectados en:
https://www.oracle.com/security-alerts/cpuoct2024.html

Impacto:

La explotación exitosa de las vulnerabilidades podría conducir a la ejecución remota de código, denegación de servicio, elevación de privilegios, divulgación de información, elusión de restricciones de seguridad o manipulación de un sistema afectado.

Recomendación:

Hay parches disponibles para los sistemas afectados. Los usuarios de los sistemas afectados deben seguir las recomendaciones proporcionadas por el proveedor y tomar medidas inmediatas para mitigar el riesgo.

Para productos Oracle Java SE, consulte el siguiente enlace:
Plataforma Java SE 8u431 (JDK y JRE)
Plataforma Java SE 11.0.25 (JDK y JRE)
Plataforma Java SE 17.0.13 (JDK y JRE)
Plataforma Java SE 21.0.5 (JDK y JRE)
Plataforma Java SE 23.0.1 (JDK y JRE)

https://www.oracle.com/java/technologies/javase-downloads.html

Para OpenJDK, consulte el siguiente enlace:
https://jdk.java.net/

Los usuarios también pueden acceder al aviso de seguridad a continuación para obtener información sobre las actualizaciones de seguridad de otros productos de Oracle:
https://www.oracle.com/security-alerts/cpuoct2024.html

Los usuarios pueden ponerse en contacto con sus proveedores para obtener soluciones y asistencia.

Más información:

  • https://www.oracle.com/security-alerts/cpuoct2024.html
  • https://www.hkcert.org/security-bulletin/oracle-products-multiple-vulnerabilities_20241016
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10172
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022 (a CVE-2020-11023)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17521
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28170
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36713
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31160
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34381
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46337
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0401
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2976
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3635
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4043
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4759
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5685
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5752
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20863
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28439
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28823
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34055
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35116
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39410
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39743
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42950
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44483
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46136
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50447
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0232
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4577
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5585
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5971
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6162
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7254
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21172
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21190 (a CVE-2024-21219)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230 (a CVE-2024-21239)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241 (a CVE-2024-21244)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21246 (a CVE-2024-21255)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21257 (a CVE-2024-21286)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22020
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22201
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22257
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22262
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23635
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23672
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23807
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23944
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24549
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25269
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25638
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26130
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26308
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28182
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28752
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28849
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29131
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29133
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29736
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30251
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31744
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32007
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32114
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32760
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34750
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36052
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36138
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37891
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38357
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38808 (a CVE-2024-38809)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38816
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38999
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40898
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41817
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41909
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43044
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43407
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45801





Source link

Translate »