apk package

chainguard/openjdk-25-openj9-default-jvm

pkg:apk/chainguard/openjdk-25-openj9-default-jvm

Vulnerabilities (326)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-5573	Hig	8.3	< 0.59.0-r1	0.59.0-r1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2016-5568	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2016-3610	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
CVE-2016-3598	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
CVE-2016-3587	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CVE-2016-3552	Hig	8.1	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-3550	Med	4.3	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
CVE-2016-3503	Hig	7.7	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-3458	Med	4.3	< 0.59.0-r1	0.59.0-r1	Jul 21, 2016	Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
CVE-2016-3449	Hig	8.3	< 0.59.0-r1	0.59.0-r1	Apr 21, 2016	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
CVE-2016-3425	Med	4.3	< 0.59.0-r1	0.59.0-r1	Apr 21, 2016	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
CVE-2016-3422	Med	4.3	< 0.59.0-r1	0.59.0-r1	Apr 21, 2016	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.
CVE-2016-0687	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Apr 21, 2016	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
CVE-2016-0483		—	< 0.59.0-r1	0.59.0-r1	Jan 21, 2016	Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. O
CVE-2016-0475		—	< 0.59.0-r1	0.59.0-r1	Jan 21, 2016	Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
CVE-2013-5850		—	< 0.59.0-r1	0.59.0-r1	Oct 16, 2013	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a dif
CVE-2013-5849		—	< 0.59.0-r1	0.59.0-r1	Oct 16, 2013	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
CVE-2013-5846		—	< 0.59.0-r1	0.59.0-r1	Oct 16, 2013	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVE-2013-5844		—	< 0.59.0-r1	0.59.0-r1	Oct 16, 2013	Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVE-2013-5840		—	< 0.59.0-r1	0.59.0-r1	Oct 16, 2013	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

CVE-2016-5573HigOct 25, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2016-5568CriOct 25, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2016-3610CriJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
CVE-2016-3598CriJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
CVE-2016-3587CriJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CVE-2016-3552HigJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-3550MedJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
CVE-2016-3503HigJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-3458MedJul 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
CVE-2016-3449HigApr 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
CVE-2016-3425MedApr 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
CVE-2016-3422MedApr 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.
CVE-2016-0687CriApr 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
CVE-2016-0483Jan 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. O
CVE-2016-0475Jan 21, 2016
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
CVE-2013-5850Oct 16, 2013
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a dif
CVE-2013-5849Oct 16, 2013
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
CVE-2013-5846Oct 16, 2013
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVE-2013-5844Oct 16, 2013
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVE-2013-5840Oct 16, 2013
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

Page 10 of 17