{"id":"CVE-2020-14779","details":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","modified":"2026-03-20T11:34:15.528103Z","published":"2020-10-21T15:15:18.217Z","related":["CGA-7f2g-xmm7-36c2","MGASA-2020-0418","SUSE-SU-2020:14587-1","SUSE-SU-2020:14588-1","SUSE-SU-2020:3159-1","SUSE-SU-2020:3191-1","SUSE-SU-2020:3310-1","SUSE-SU-2020:3359-1","SUSE-SU-2020:3460-1","SUSE-SU-2020:3932-1","SUSE-SU-2021:0019-1","SUSE-SU-2021:0032-1","openSUSE-SU-2020:1893-1","openSUSE-SU-2020:1984-1","openSUSE-SU-2020:1994-1","openSUSE-SU-2020:2048-1","openSUSE-SU-2020:2083-1","openSUSE-SU-2024:10870-1","openSUSE-SU-2024:10871-1","openSUSE-SU-2024:10872-1","openSUSE-SU-2024:10873-1","openSUSE-SU-2024:10876-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20201023-0004/"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OMJMTXFJRONFT72YAEQNRFKYZZU4W3HD/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XKRGVMZT3EUUWKUA6DBT56FT3UOKPHQ2/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVPLGNHNJ4UJ6IO6R2XXEKCTCI2DRPDQ/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCKZAI4AWSKO5O5VDXHFFKNLOZGZ3KEE/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7XEONOP6JB7SD7AMUWZTLZF2L4QD546/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4779"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00031.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6CJCO52DHIQJHLPF6HMTC5Z2VKFRQMY/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202101-19"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openjdk/jdk15u","events":[{"introduced":"0"},{"last_affected":"38378b7ee032d70653b3f0d4205f2305cf4f1170"},{"introduced":"0"},{"last_affected":"0bd0f10d2c5965369490624627f16a39d35c8734"},{"introduced":"0"},{"last_affected":"925752098ba63b25c1cb635f50a53684d4094f8b"},{"introduced":"0"},{"last_affected":"cfa6e0878b1aff48b521ee21d2598abe7f4964c2"},{"introduced":"0"},{"last_affected":"7ff3916e57ab852014885c3e7bdb95e5c1ed8c1e"},{"introduced":"0"},{"last_affected":"493ac9ee8f9c4fb66b687bd740b8e1fb5ee8b86a"},{"introduced":"0"},{"last_affected":"6412341d454eee8a151cf89b51cabfb7b3d87140"},{"introduced":"0"},{"last_affected":"e9a2e84e45e1120aa306a01dfb087200f6a7f903"},{"introduced":"0"},{"last_affected":"7c18f827d7f096cbeb96b086a8516754f0c70221"},{"introduced":"0"},{"last_affected":"27cab0e0c87f124277c7afeb5dd6a8750443804e"},{"introduced":"0"},{"last_affected":"d38a1f186d640dede9fccb727ec98db3a413f9d8"},{"introduced":"0"},{"last_affected":"0d3829a2c5a70961ffc539865adc1442c1a30bb1"},{"introduced":"0"},{"last_affected":"69efabad3d8a2ff47a62a4626c574a56edec1cfd"},{"introduced":"0"},{"last_affected":"a9a271179d2a7952154b7509a999b100cc98b13c"},{"introduced":"0"},{"last_affected":"d5914f18390f71c9bdc333f66cbee6164eb7f857"},{"introduced":"0"},{"last_affected":"4a588d89f01a650d90432cc14697a5a2ae2c97d3"},{"introduced":"0"},{"last_affected":"4a588d89f01a650d90432cc14697a5a2ae2c97d3"},{"introduced":"0"},{"last_affected":"4a588d89f01a650d90432cc14697a5a2ae2c97d3"},{"introduced":"0"},{"last_affected":"62007a12b80f381c687f60825b20fe0bbeeb5eaa"},{"introduced":"0"},{"last_affected":"03c3f174ae28da8159edd2758b87d3b3cc71e848"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"7-update101"},{"introduced":"0"},{"last_affected":"7-update111"},{"introduced":"0"},{"last_affected":"7-update121"},{"introduced":"0"},{"last_affected":"7-update131"},{"introduced":"0"},{"last_affected":"7-update141"},{"introduced":"0"},{"last_affected":"7-update25"},{"introduced":"0"},{"last_affected":"8-update101"},{"introduced":"0"},{"last_affected":"8-update102"},{"introduced":"0"},{"last_affected":"8-update11"},{"introduced":"0"},{"last_affected":"8-update111"},{"introduced":"0"},{"last_affected":"8-update112"},{"introduced":"0"},{"last_affected":"8-update20"},{"introduced":"0"},{"last_affected":"8-update25"},{"introduced":"0"},{"last_affected":"11"},{"introduced":"0"},{"last_affected":"13"},{"introduced":"0"},{"last_affected":"15"},{"introduced":"0"},{"last_affected":"15"},{"introduced":"0"},{"last_affected":"15"},{"introduced":"0"},{"last_affected":"10.0"},{"introduced":"0"},{"last_affected":"15.2"}]}},{"type":"GIT","repo":"https://github.com/openjdk/jdk8u","events":[{"introduced":"0"},{"last_affected":"772d2a8fc0f3a6ae5dfcb1cbffc40a7999349bc6"},{"introduced":"0"},{"last_affected":"9205c421f33fd1938450d211369d3e2b7aec573d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8-update121"},{"introduced":"0"},{"last_affected":"8-update131"}]}}],"versions":["jdk7-b100","jdk7-b101","jdk7-b102","jdk7-b103","jdk7-b104","jdk7-b105","jdk7-b106","jdk7-b107","jdk7-b108","jdk7-b109","jdk7-b110","jdk7-b111","jdk7-b112","jdk7-b113","jdk7-b114","jdk7-b115","jdk7-b116","jdk7-b117","jdk7-b118","jdk7-b119","jdk7-b120","jdk7-b121","jdk7-b122","jdk7-b123","jdk7-b124","jdk7-b125","jdk7-b126","jdk7-b127","jdk7-b128","jdk7-b129","jdk7-b130","jdk7-b131","jdk7-b132","jdk7-b133","jdk7-b134","jdk7-b135","jdk7-b136","jdk7-b137","jdk7-b138","jdk7-b139","jdk7-b140","jdk7-b141","jdk7-b142","jdk7-b143","jdk7-b144","jdk7-b145","jdk7-b146","jdk7-b147","jdk7-b24","jdk7-b25","jdk7-b26","jdk7-b27","jdk7-b28","jdk7-b29","jdk7-b30","jdk7-b31","jdk7-b32","jdk7-b33","jdk7-b34","jdk7-b35","jdk7-b36","jdk7-b37","jdk7-b38","jdk7-b39","jdk7-b40","jdk7-b41","jdk7-b42","jdk7-b43","jdk7-b44","jdk7-b45","jdk7-b46","jdk7-b47","jdk7-b48","jdk7-b49","jdk7-b50","jdk7-b51","jdk7-b52","jdk7-b53","jdk7-b54","jdk7-b55","jdk7-b56","jdk7-b57","jdk7-b58","jdk7-b59","jdk7-b60","jdk7-b61","jdk7-b62","jdk7-b63","jdk7-b64","jdk7-b65","jdk7-b66","jdk7-b67","jdk7-b68","jdk7-b69","jdk7-b70","jdk7-b71","jdk7-b72","jdk7-b73","jdk7-b74","jdk7-b75","jdk7-b76","jdk7-b77","jdk7-b78","jdk7-b79","jdk7-b80","jdk7-b81","jdk7-b82","jdk7-b83","jdk7-b84","jdk7-b85","jdk7-b86","jdk7-b87","jdk7-b88","jdk7-b89","jdk7-b90","jdk7-b91","jdk7-b92","jdk7-b93","jdk7-b94","jdk7-b95","jdk7-b96","jdk7-b97","jdk7-b98","jdk7-b99","jdk8-b01","jdk8-b02","jdk8-b03","jdk8-b04","jdk8-b05","jdk8-b06","jdk8-b07","jdk8-b08","jdk8-b09","jdk8-b10","jdk8-b100","jdk8-b101","jdk8-b102","jdk8-b103","jdk8-b104","jdk8-b105","jdk8-b106","jdk8-b107","jdk8-b108","jdk8-b109","jdk8-b11","jdk8-b110","jdk8-b111","jdk8-b112","jdk8-b113","jdk8-b114","jdk8-b115","jdk8-b116","jdk8-b117","jdk8-b118","jdk8-b119","jdk8-b12","jdk8-b120","jdk8-b121","jdk8-b13","jdk8-b14","jdk8-b15","jdk8-b16","jdk8-b17","jdk8-b18","jdk8-b19","jdk8-b20","jdk8-b21","jdk8-b22","jdk8-b23","jdk8-b24","jdk8-b25","jdk8-b26","jdk8-b27","jdk8-b28","jdk8-b29","jdk8-b30","jdk8-b31","jdk8-b32","jdk8-b33","jdk8-b34","jdk8-b35","jdk8-b36","jdk8-b37","jdk8-b38","jdk8-b39","jdk8-b40","jdk8-b41","jdk8-b42","jdk8-b43","jdk8-b44","jdk8-b45","jdk8-b46","jdk8-b47","jdk8-b48","jdk8-b49","jdk8-b50","jdk8-b51","jdk8-b52","jdk8-b53","jdk8-b54","jdk8-b55","jdk8-b56","jdk8-b57","jdk8-b58","jdk8-b59","jdk8-b60","jdk8-b61","jdk8-b62","jdk8-b63","jdk8-b64","jdk8-b65","jdk8-b66","jdk8-b67","jdk8-b68","jdk8-b69","jdk8-b70","jdk8-b71","jdk8-b72","jdk8-b73","jdk8-b74","jdk8-b75","jdk8-b76","jdk8-b77","jdk8-b78","jdk8-b79","jdk8-b80","jdk8-b81","jdk8-b82","jdk8-b83","jdk8-b84","jdk8-b85","jdk8-b86","jdk8-b87","jdk8-b88","jdk8-b89","jdk8-b90","jdk8-b91","jdk8-b92","jdk8-b93","jdk8-b94","jdk8-b95","jdk8-b96","jdk8-b97","jdk8-b98","jdk8-b99"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update1"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update10"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update11"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update13"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update15"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update151"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update161"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update17"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update171"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update181"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update191"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update2"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update201"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update21"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update211"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update221"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update231"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update241"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update251"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update261"}]},{"events":[{"introduced":"0"},{"last_affected":"7-update271"}]},{"events":[{"introduced":"0"},{"last_affected":"8-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone1"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone2"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone3"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone4"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone5"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone6"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone7"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone8"}]},{"events":[{"introduced":"0"},{"last_affected":"8-milestone9"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update141"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update151"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update152"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update161"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update162"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update171"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update172"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update181"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update191"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update192"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update201"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update202"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update211"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update212"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update221"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update222"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update231"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update232"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update241"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update242"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update252"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update262"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.3"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.4"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.5"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.6"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.7"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.8"}]},{"events":[{"introduced":"0"},{"last_affected":"13.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"13.0.3"}]},{"events":[{"introduced":"0"},{"last_affected":"13.0.4"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update271"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update261"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update271"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update261"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.8"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"7.3"}]},{"events":[{"introduced":"9.5"}]},{"events":[{"introduced":"11.0.0"},{"last_affected":"11.60.3"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14779.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}