Fluid Attacks Database

Description

The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel7	java-1.8.0-openjdk	<1:1.8.0.51-1.b16.el7_1	1:1.8.0.51-1.b16.el7_1
rpm rhel6	java-1.8.0-openjdk	<1:1.8.0.51-0.b16.el6_6	1:1.8.0.51-0.b16.el6_6

Aliases

1. CVE-2015-31492. NVD-2015-31493. OSV-2015-3149

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.