{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "REJECTED", "cveId": "CVE-2022-40433", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "dateUpdated": "2024-02-16T23:22:28.065Z", "dateReserved": "2022-09-11T00:00:00", "datePublished": "2023-08-22T00:00:00", "dateRejected": "2024-02-16T23:22:28.065Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2024-02-16T23:22:28.065Z"}, "rejectedReasons": [{"lang": "en", "value": "** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: ** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue."}], "id": "CVE-2022-40433", "lastModified": "2024-02-17T00:15:08.577", "metrics": {}, "published": "2023-08-22T19:16:24.010", "references": [], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2023:5725", "cpe": "cpe:/a:redhat:openjdk:1.8", "package": "Linux", "product_name": "Red Hat Build of OpenJDK 8u392", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5731", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-4.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5727", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5728", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5728", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5728", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5729", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5729", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5729", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5730", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5733", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-3.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-10-18T00:00:00Z"}, {"advisory": "RHSA-2023:5732", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "java-1.8.0-openjdk-1:1.8.0.392.b08-2.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-10-18T00:00:00Z"}], "bugzilla": {"description": "OpenJDK: segmentation fault in ciMethodBlocks", "id": "2237709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237709"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["A vulnerability was found in OpenJDK. This issue occurs in the ciMethodBlocks::make_block_at function in OpenJDK (HotSpot VM) 8 (11 and 17 are fixed starting from 11.0.17 and 17.0.5 respectively), and may allow an attacker to cause a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-40433", "package_state": [{"cpe": "cpe:/a:redhat:openjdk:11", "fix_state": "Not affected", "package_name": "Linux", "product_name": "Red Hat build of OpenJDK 11"}, {"cpe": "cpe:/a:redhat:openjdk:11", "fix_state": "Not affected", "package_name": "Windows", "product_name": "Red Hat build of OpenJDK 11"}, {"cpe": "cpe:/a:redhat:openjdk:17", "fix_state": "Not affected", "package_name": "Linux", "product_name": "Red Hat build of OpenJDK 17"}, {"cpe": "cpe:/a:redhat:openjdk:17", "fix_state": "Not affected", "package_name": "Windows", "product_name": "Red Hat build of OpenJDK 17"}, {"cpe": "cpe:/a:redhat:openjdk:1.8", "fix_state": "Not affected", "package_name": "Windows", "product_name": "Red Hat build of OpenJDK 1.8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.6.0-openjdk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.7.0-openjdk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.8.0-openjdk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "java-11-openjdk", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "java-1.6.0-openjdk", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "java-1.7.0-openjdk", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "java-1.8.0-openjdk", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "java-11-openjdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "java-17-openjdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "java-11-openjdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "java-17-openjdk", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-08-23T13:15:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-40433\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-40433"], "threat_severity": "Moderate"}

{}