VYPR

apk package

chainguard/openjdk-8-openj9-doc

pkg:apk/chainguard/openjdk-8-openj9-doc

Vulnerabilities (609)

  • CVE-2008-5355Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to exec

  • CVE-2008-5354Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code

  • CVE-2008-5353Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted

  • CVE-2008-5352Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via

  • CVE-2008-5351Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms fo

  • CVE-2008-5350Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory vi

  • CVE-2008-5349Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.

  • CVE-2008-5348Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resou

  • CVE-2008-5347Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages.

  • CVE-2008-5344Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections

  • CVE-2008-5343Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that valida

  • CVE-2008-5342Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be di

  • CVE-2008-5341Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors,

  • CVE-2008-5340Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications

  • CVE-2008-5339Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via

  • CVE-2008-2086Dec 5, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or

  • CVE-2008-3115Jul 9, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.

  • CVE-2008-3114Jul 9, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6

  • CVE-2008-3113Jul 9, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.

  • CVE-2008-3112Jul 9, 2008
    affected < 0.59.0-r1fixed 0.59.0-r1

    Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909

Page 30 of 31