Want to get paid for a vulnerability similar to this one?
Contact us at: firstname.lastname@example.org
The following advisory describes two (2) vulnerabilities found in Oracle Java JDK/JRE (126.96.36.199 and previous versions) packages and Apache Xerces (2.11.0)
The vulnerabilities are:
- Oracle JDK/JRE Concurrency-Related Denial of Service
- java.net.URLConnection (with no setConnectTimeout) Concurrency-Related Denial of Service
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
Oracle acknowledged receiving the report, and has assigned it a tracking number: S0876966. We have no further information on patch availability or a workaround.