apk package

chainguard/openjdk-26-openj9-jre

pkg:apk/chainguard/openjdk-26-openj9-jre

Vulnerabilities (532)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2008-3114	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6
CVE-2008-3113	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
CVE-2008-3112	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909
CVE-2008-3110	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.
CVE-2008-3109	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet th
CVE-2008-3107	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application
CVE-2008-3106	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) apple
CVE-2008-3105	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted applicati
CVE-2008-3103	—	< 0.59.0-r1	0.59.0-r1	Jul 9, 2008	Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthor
CVE-2008-1191	—	< 0.59.0-r1	0.59.0-r1	Mar 6, 2008	Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
CVE-2008-1187	—	< 0.59.0-r1	0.59.0-r1	Mar 6, 2008	Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors rel
CVE-2007-3716	—	< 0.59.0-r1	0.59.0-r1	Jul 11, 2007	The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-

CVE-2008-3114Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6
CVE-2008-3113Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
CVE-2008-3112Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909
CVE-2008-3110Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.
CVE-2008-3109Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet th
CVE-2008-3107Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application
CVE-2008-3106Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) apple
CVE-2008-3105Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted applicati
CVE-2008-3103Jul 9, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthor
CVE-2008-1191Mar 6, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
CVE-2008-1187Mar 6, 2008
affected < 0.59.0-r1fixed 0.59.0-r1
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors rel
CVE-2007-3716Jul 11, 2007
affected < 0.59.0-r1fixed 0.59.0-r1
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-

Page 27 of 27