Java Vulnerability - 130010 # Vulnerability: Oracle Java SE 1.7.0_241 / 1.8.0_231 / 1.11.0_5 / 1.13.0_1

book

Article ID: 144361

calendar_today

Updated On:

Products

CA Application Test Service Virtualization

Issue/Introduction

130010
# Vulnerability: Oracle Java SE 1.7.0_241 / 1.8.0_231 / 1.11.0_5
/ 1.13.0_1 Multiple Vulnerabilities (Oct 2019 CPU) (Unix)
# Description: The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 241, 8 Update 231, 11 Update 5, or 13 Update 1. It is, therefore,
affected by multiple vulnerabilities related to the following components
:    - 2D   - Libraries   -
Kerberos   - Networking   - JavaFX   -
Hotspot   - Scripting   - Javadoc   -
Deployment   - Concurrency   - JAXP   -
Serialization   - Security  Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
# Solution: Upgrade to Oracle JDK / JRE 13 Update 1, 11 Update 5, 8 Update 231 / 7 Update 241 or later. 

Cause

N/A

Environment

Release : 10.5

Component : CA Service Virtualization

Resolution

As stated in the solution, upgrade to Java 8 update 231, please review this DevTest documentation link on how to replace the JVM delivered with DevTest 10.5.0:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/continuous-testing/devtest-solutions/10-5/system-requirements.html#concept.dita_35a30753963f7873a3337c5cb2a34c11189d2f00_SupplyingYourOwnJVM

Starting with DevTest 10.6.0, OpenJDK will be delivered with DevTest.