CVE-2019-2602
Description
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1017u211, 8u201, 8u202, 11.0.2, 12+ 1 more
- (no CPE)range: 7u211, 8u201, 8u202, 11.0.2, 12
- (no CPE)range: Java SE: 7u211, 8u202, 11.0.2, 12
- Range: 8u201
- osv-coords98 versionspkg:apk/chainguard/openjdk-11-openj9pkg:apk/chainguard/openjdk-11-openj9-dbgpkg:apk/chainguard/openjdk-11-openj9-default-jdkpkg:apk/chainguard/openjdk-11-openj9-default-jvmpkg:apk/chainguard/openjdk-11-openj9-default-policypkg:apk/chainguard/openjdk-11-openj9-docpkg:apk/chainguard/openjdk-11-openj9-jmodspkg:apk/chainguard/openjdk-11-openj9-jrepkg:apk/chainguard/openjdk-17-openj9pkg:apk/chainguard/openjdk-17-openj9-dbgpkg:apk/chainguard/openjdk-17-openj9-default-jdkpkg:apk/chainguard/openjdk-17-openj9-default-jvmpkg:apk/chainguard/openjdk-17-openj9-default-policypkg:apk/chainguard/openjdk-17-openj9-docpkg:apk/chainguard/openjdk-17-openj9-jmodspkg:apk/chainguard/openjdk-17-openj9-jrepkg:apk/chainguard/openjdk-21-openj9pkg:apk/chainguard/openjdk-21-openj9-dbgpkg:apk/chainguard/openjdk-21-openj9-default-jdkpkg:apk/chainguard/openjdk-21-openj9-default-jvmpkg:apk/chainguard/openjdk-21-openj9-default-policypkg:apk/chainguard/openjdk-21-openj9-docpkg:apk/chainguard/openjdk-21-openj9-jmodspkg:apk/chainguard/openjdk-21-openj9-jrepkg:apk/chainguard/openjdk-25-openj9-default-jvmpkg:apk/chainguard/openjdk-25-openj9-jmodspkg:apk/chainguard/openjdk-8-openj9pkg:apk/chainguard/openjdk-8-openj9-dbgpkg:apk/chainguard/openjdk-8-openj9-default-jdkpkg:apk/chainguard/openjdk-8-openj9-default-jvmpkg:apk/chainguard/openjdk-8-openj9-docpkg:apk/chainguard/openjdk-8-openj9-jrepkg:rpm/opensuse/java-11-openjdk&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/java-11-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-13-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-15-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP1pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20OpenStack%20Cloud%207
< 0.53.0-r0+ 97 more
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 11.0.3.0-lp150.2.16.1
- (no CPE)range: < 11.0.12.0-3.1
- (no CPE)range: < 13.0.8.0-3.1
- (no CPE)range: < 15.0.4.0-2.1
- (no CPE)range: < 1.8.0.212-lp150.2.16.1
- (no CPE)range: < 1.8.0.302-2.2
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.0.221-43.22.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-26.40.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.7.1_sr4.45-38.37.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-3.20.1
- (no CPE)range: < 1.8.0_sr5.35-3.20.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0_sr5.35-30.50.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-3.19.1
- (no CPE)range: < 1.8.0.212-3.19.1
- (no CPE)range: < 1.8.0.212-3.19.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
- (no CPE)range: < 1.8.0.212-27.32.1
Patches
Vulnerability mechanics
References
21- www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlnvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.htmlnvdMailing ListThird Party Advisory
- access.redhat.com/errata/RHBA-2019:0959nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1146nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1163nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1164nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1165nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1166nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1238nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1325nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1518nvdThird Party Advisory
- kc.mcafee.com/corporate/indexnvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/05/msg00011.htmlnvdMailing ListThird Party Advisory
- seclists.org/bugtraq/2019/May/75nvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201908-10nvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- usn.ubuntu.com/3975-1/nvdThird Party Advisory
- www.debian.org/security/2019/dsa-4453nvdThird Party Advisory
News mentions
0No linked articles in our index yet.