You are here

Oracle CPU January 2022 - Airlock Gateway and IAM

CVE-2021-22959, CVE-2022-21349, CVE-2022-21291, CVE-2022-21305, CVE-2022-21277, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21282, CVE-2022-21296, CVE-2022-21299, CVE-2022-21271, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21340
java, cpu, Oracle Critical Patch Update

The Oracle Critical Patch Update for January 2022 includes updates for Java SE [1] that fix 18 Java SE vulnerabilities.

Airlock Gateway uses Java in the Configuration Center and in several add-on modules.

Airlock IAM before version 7.0 relies on a separately installed Java environment and the Java runtime environment is maintained by the system administrator.

No action required for Airlock Gateway and IAM.


Affected JVM (Oracle GraalVM Enterprise Edition) not used by Airlock Gateway/IAM.

CVE-2022-21349, CVE-2022-21291, CVE-2022-21305, CVE-2022-21277, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21282, CVE-2022-21296, CVE-2022-21299, CVE-2022-21271, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21340, CVE-2022-21341, CVE-2022-21248
Does not affect Java deployments, typically in servers, that load and run only trusted code.


General Advice: We strongly recommend to update all client deployments of Java and uninstalling Java from clients where it is not needed.

Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required