Vulnerability CVE-2022-21426 - CERT Civis.Net

Vulnerability Name:

CVE-2022-21426 (CCN-224714)

Assigned:

2021-11-15

Published:

2022-04-19

Updated:

2023-04-27

Summary:

An unspecified vulnerability in Oracle Java SE and Oracle GraalVM Enterprise Edition related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2022-21426

Source: XF
Type: UNKNOWN
oracle-cpuapr2022-cve202221426(224714)

Source: secalert_us@oracle.com
Type: Mailing List, Third Party Advisory
secalert_us@oracle.com

Source: secalert_us@oracle.com
Type: Third Party Advisory
secalert_us@oracle.com

Source: secalert_us@oracle.com
Type: Third Party Advisory
secalert_us@oracle.com

Source: secalert_us@oracle.com
Type: Third Party Advisory
secalert_us@oracle.com

Source: CCN
Type: IBM Security Bulletin 6589879 (Semeru Runtimes)
Multiple vulnerabilities may affect IBM Semeru Runtime

Source: CCN
Type: IBM Security Bulletin 6824717 (SPSS Collaboration and Deployment Services)
Vulnerabilities in IBM Semeru Runtime affect SPSS Collaboration and Deployment Services (CVE-2022-21496, CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 6824903 (UrbanCode Velocity)
Multiple Java DOS vulnerabilities detected

Source: CCN
Type: IBM Security Bulletin 6825989 (Robotic Process Automation)
Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Source: CCN
Type: IBM Security Bulletin 6967221 (Java)
CVE-2022-21426 may affect IBM? SDK, Java? Technology Edition

Source: CCN
Type: IBM Security Bulletin 6980375 (WebSphere Application Server)
Multiple vulnerabilities in IBM? Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to January 2023 CPU plus deferred CVE-2022-21426

Source: CCN
Type: IBM Security Bulletin 6980889 (PureData System for Operational Analytics)
Multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU -April 2022 to January 2023 affects AIX LPARs in IBM PureData System for Operational Analytics

Source: CCN
Type: IBM Security Bulletin 6985311 (Watson Discovery)
IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Java

Source: CCN
Type: IBM Security Bulletin 6985649 (Rational Functional Tester)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Source: CCN
Type: IBM Security Bulletin 6987143 (Sterling Secure Proxy)
IBM Sterling Secure Proxy is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Source: CCN
Type: IBM Security Bulletin 6987177 (Sterling External Authentication Server)
IBM Sterling External Authentication Server is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Source: CCN
Type: IBM Security Bulletin 6987815 (Business Automation Workflow)
Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Source: CCN
Type: IBM Security Bulletin 6988347 (InfoSphere Information Server)
Multiple vulnerabilities in IBM Java SDK (January 2023) affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6988351 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6991667 (Tivoli Monitoring)
Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Source: CCN
Type: IBM Security Bulletin 6995185 (WebSphere Service Registry and Repository)
Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to October 2022 CPU and January 2023 CPU plus deferred CVE-2022-21426 and CVE-2022-3676

Source: CCN
Type: IBM Security Bulletin 6995887 (AIX)
Multiple vulnerabilities in IBM Java SDK affect AIX

Source: CCN
Type: IBM Security Bulletin 6997919 (Tivoli Application Dependency Discovery Manager)
TADDM affected by multiple vulnerabilities due to IBM Java and its runtime

Source: CCN
Type: IBM Security Bulletin 6998677 (Sterling Connect Direct Browser)
IBM Sterling Connect:Direct Browser User Interface vulnerable to multiple issues due to IBM Runtime Environment Java

Source: CCN
Type: IBM Security Bulletin 6998685 (Sterling Connect:Direct Web Services)
IBM Sterling Connect:Direct Web Services is vulnerable to multiple vulnerabilities due to IBM Java

Source: CCN
Type: IBM Security Bulletin 6998705 (Power HMC)
Vulnerability in IBM Java (CVE-2022-21426) affects Power HMC

Source: CCN
Type: IBM Security Bulletin 6999295 (Liberty for Java for Cloud)
Multiple Vulnerabilities in IBM Java SDK affects Liberty for Java for IBM Cloud due to the January 2023 CPU plus deferred CVE-2022-21426

Source: CCN
Type: IBM Security Bulletin 6999555 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6999743 (Business Automation Workflow)
Multiple vulnerabilities in IBM Java Runtime affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Source: CCN
Type: IBM Security Bulletin 7001287 (Business Automation Workflow containers)
Multiple vulnerabilities in IBM Java SDK and WebSphere Application Server Liberty profile affect IBM Business Automation Workflow containers

Source: CCN
Type: IBM Security Bulletin 7004709 (Rational Performance Tester)
A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Performance Tester.

Source: CCN
Type: IBM Security Bulletin 7004711 (Rational Service Tester)
A vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Service Tester.

Source: CCN
Type: IBM Security Bulletin 7004723 (Sterling Control Center)
IBM Sterling Control Center is vulnerable to denial of service attack due to Java SE (CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 7006377 (Storage Protect Operations Center)
IBM Storage Protect Operations Center is vulnerable to denial of service due to Java SE (CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 7006391 (Storage Protect)
IBM Storage Protect Server is vulnerable to denial of service due to Java SE (CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 7006407 (Rational Business Developer)
Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Source: CCN
Type: IBM Security Bulletin 7007387 (Content Collector)
CVE-2022-21426 may affect JAXP component in Java SE used by Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Source: CCN
Type: IBM Security Bulletin 7007579 (Tivoli Netcool/Impact)
A security vulnerability in IBM Java SDK affects IBM Tivoli Netcool Impact (CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 7007581 (Tivoli Business Service Manager)
Vulnerability in IBM Java SDK affects IBM Tivoli Business Service Manager (CVE-2022-21426)

Source: CCN
Type: IBM Security Bulletin 7007755 (CICS TX Advanced)
CVE-2022-21426 may affect IBM SDK, Java Technology Edition shipped with IBM CICS TX Advanced

Source: CCN
Type: IBM Security Bulletin 7007759 (CICS TX Standard)
CVE-2022-21426 may affect IBM SDK, Java Technology Edition shipped with IBM CICS TX Standard

Source: CCN
Type: IBM Security Bulletin 7007763 (TXSeries for Multiplatforms)
CVE-2022-21426 may affect IBM SDK, Java Technology Edition shipped with IBM TXSeries for Multiplatforms

Source: CCN
Type: IBM Security Bulletin 7008335 (CICS Transaction Gateway)
Multiple vulnerabilities may affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Source: CCN
Type: IBM Security Bulletin 7008991 (App Connect Enterprise)
Multiple vulnerabilities in IBM SDK Java affect IBM App Connect Enterprise and IBM Integration Bus

Source: CCN
Type: Oracle CPUApr2022
Oracle Critical Patch Update Advisory - April 2022

Source: secalert_us@oracle.com
Type: Patch, Vendor Advisory
secalert_us@oracle.com

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 8:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 9:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 10:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration RedHat 11:

cpe:/a:redhat:enterprise_linux:9::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:java_se:8u321:*:*:*:*:*:*:*

OR cpe:/a:oracle:graalvm:20.3.5:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:21.3.1:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:22.0.0.2:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:java_se:11.0.14:*:*:*:*:*:*:*

OR cpe:/a:oracle:java_se:17.0.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:java_se:18:*:*:*:*:*:*:*

AND

cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:txseries:8.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:txseries:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.5:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_performance_tester:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:::~~liberty~~~:*:*:*:*:*

OR cpe:/a:ibm:app_connect:11.0.0.1:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:8.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:19.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:txseries:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_service_tester:9.5:*:*:*:soa_quality:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_service_tester:9.2:*:*:*:soa_quality:*:*:*

OR cpe:/a:ibm:app_connect_enterprise:12.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_secure_proxy:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:secure_external_authentication_server:6.0.3:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:-:*:*:containers:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:-:*:*:containers:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.3:-:*:*:containers:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.2:-:*:*:containers:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.1:-:*:*:containers:*:*:*

OR cpe:/a:ibm:robotic_process_automation:21.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.1:-:*:*:containers:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.3.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.2:-:*:*:containers:*:*:*

OR cpe:/a:ibm:sterling_external_authentication_server:6.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8079	P	java-1_8_0-ibm-1.8.0_sr8.0-150000.3.71.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8080	P	java-1_8_0-openjdk-1.8.0.362-150000.3.76.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7535	P	java-11-openjdk-11.0.19.0-150000.3.96.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7536	P	java-17-openjdk-17.0.7.0-150400.3.18.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:730	P	Security update for java-1_8_0-openj9 (Important)	2022-09-06
oval:org.opensuse.security:def:664	P	Security update for java-1_8_0-ibm (Important)	2022-08-03
oval:org.opensuse.security:def:3723	P	Security update for java-1_8_0-ibm (Important)	2022-08-03
oval:org.opensuse.security:def:119647	P	Security update for java-1_8_0-ibm (Important)	2022-08-03
oval:org.opensuse.security:def:119462	P	Security update for java-1_8_0-ibm (Important)	2022-08-03
oval:org.opensuse.security:def:95353	P	Security update for java-1_8_0-ibm (Important)	2022-08-03
oval:org.opensuse.security:def:126926	P	Security update for java-1_7_1-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:127324	P	Security update for java-1_8_0-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:125762	P	Security update for java-1_7_1-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:126927	P	Security update for java-1_8_0-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:5298	P	Security update for java-1_7_1-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:125763	P	Security update for java-1_8_0-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:6106	P	Security update for java-1_7_1-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:5301	P	Security update for java-1_8_0-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:6109	P	Security update for java-1_8_0-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:127323	P	Security update for java-1_7_1-ibm (Important)	2022-07-23
oval:org.opensuse.security:def:3721	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:6103	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:119637	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:119452	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:95351	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:127320	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:593	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:126923	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:125759	P	Security update for java-1_8_0-openjdk (Important)	2022-07-22
oval:org.opensuse.security:def:3732	P	opie-2.4-724.56 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94586	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94587	P	java-17-openjdk-17.0.3.0-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2956	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2957	P	java-17-openjdk-17.0.3.0-150400.1.8 on GA media (Moderate)	2022-06-22
oval:com.redhat.rhsa:def:20221728	P	RHSA-2022:1728: java-11-openjdk security update (Important)	2022-05-17
oval:com.redhat.rhsa:def:20221729	P	RHSA-2022:1729: java-17-openjdk security update (Important)	2022-05-17
oval:com.redhat.rhsa:def:20222137	P	RHSA-2022:2137: java-1.8.0-openjdk security update (Important)	2022-05-17
oval:org.opensuse.security:def:119572	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:118700	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:95362	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:94019	P	(Important)	2022-05-03
oval:org.opensuse.security:def:1511	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:119387	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:118890	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:94231	P	(Important)	2022-05-03
oval:org.opensuse.security:def:468	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:119087	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:94440	P	(Important)	2022-05-03
oval:org.opensuse.security:def:93805	P	(Important)	2022-05-03
oval:org.opensuse.security:def:879	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:119197	P	Security update for java-11-openjdk (Important)	2022-05-03
oval:org.opensuse.security:def:6023	P	Security update for java-11-openjdk (Important)	2022-04-29
oval:com.redhat.rhsa:def:20221491	P	RHSA-2022:1491: java-1.8.0-openjdk security update (Important)	2022-04-25
oval:com.redhat.rhsa:def:20221487	P	RHSA-2022:1487: java-1.8.0-openjdk security, bug fix, and enhancement update (Important)	2022-04-25
oval:org.opensuse.security:def:101625	P	Security update for java-11-openjdk (Important) (in QA)	2022-04-21
oval:org.opensuse.security:def:102093	P	Security update for java-11-openjdk (Important) (in QA)	2022-04-21
oval:com.redhat.rhsa:def:20221440	P	RHSA-2022:1440: java-11-openjdk security, bug fix, and enhancement update (Important)	2022-04-20
oval:com.redhat.rhsa:def:20221442	P	RHSA-2022:1442: java-11-openjdk security update (Important)	2022-04-20
oval:com.redhat.rhsa:def:20221445	P	RHSA-2022:1445: java-17-openjdk security and bug fix update (Important)	2022-04-20