apk package

chainguard/openjdk-25-openj9-jmods

pkg:apk/chainguard/openjdk-25-openj9-jmods

Vulnerabilities (603)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-9843	Cri	9.8	< 0.59.0-r1	0.59.0-r1	May 23, 2017	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842	Hig	8.8	< 0.59.0-r1	0.59.0-r1	May 23, 2017	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841	Cri	9.8	< 0.59.0-r1	0.59.0-r1	May 23, 2017	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840	Hig	8.8	< 0.59.0-r1	0.59.0-r1	May 23, 2017	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-3544	Low	3.7	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3539	Low	3.1	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network
CVE-2017-3533	Low	3.7	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3526	Med	5.9	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticate
CVE-2017-3514	Hig	8.3	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
CVE-2017-3512	Hig	8.3	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3511	Hig	7.7	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attack
CVE-2017-3509	Med	4.2	< 0.59.0-r1	0.59.0-r1	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with networ
CVE-2017-3289	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
CVE-2017-3272	Cri	9.6	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-3262	Med	5.3	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
CVE-2017-3261	Med	4.3	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2017-3260	Hig	8.3	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3259	Low	3.7	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi
CVE-2017-3253	Hig	7.5	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2017-3252	Med	5.8	< 0.59.0-r1	0.59.0-r1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged

CVE-2016-9843CriMay 23, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842HigMay 23, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841CriMay 23, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840HigMay 23, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-3544LowApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3539LowApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network
CVE-2017-3533LowApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3526MedApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticate
CVE-2017-3514HigApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
CVE-2017-3512HigApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3511HigApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attack
CVE-2017-3509MedApr 24, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with networ
CVE-2017-3289CriJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
CVE-2017-3272CriJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-3262MedJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
CVE-2017-3261MedJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2017-3260HigJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3259LowJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi
CVE-2017-3253HigJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2017-3252MedJan 27, 2017
affected < 0.59.0-r1fixed 0.59.0-r1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged

Page 16 of 31