rpm package
almalinux/java-17-openjdk-jmods
pkg:rpm/almalinux/java-17-openjdk-jmods
Vulnerabilities (100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-20932 | Hig | 7.5 | < 1:17.0.10.0.7-2.el9 | 1:17.0.10.0.7-2.el9 | Jan 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 17.0.9; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21. | |
| CVE-2024-20918 | Hig | 7.4 | < 1:17.0.10.0.7-2.el9 | 1:17.0.10.0.7-2.el9 | Jan 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21. | |
| CVE-2023-48161 | Hig | 7.1 | < 1:17.0.13.0.11-3.el8 | 1:17.0.13.0.11-3.el8 | Nov 22, 2023 | Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c | |
| CVE-2023-22081 | Med | 5.3 | < 1:17.0.9.0.9-2.el8 | 1:17.0.9.0.9-2.el8 | Oct 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle | |
| CVE-2023-22025 | Low | 3.7 | < 1:17.0.9.0.9-2.el8 | 1:17.0.9.0.9-2.el8 | Oct 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Ent | |
| CVE-2023-22049 | Low | 3.7 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition | |
| CVE-2023-22045 | Low | 3.7 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: | |
| CVE-2023-22044 | Low | 3.7 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; | |
| CVE-2023-22041 | Med | 5.1 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10 | |
| CVE-2023-22036 | Low | 3.7 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22 | |
| CVE-2023-22006 | Low | 3.1 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Jul 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, | |
| CVE-2023-21968 | Low | 3.7 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1 | |
| CVE-2023-21967 | Med | 5.9 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif | |
| CVE-2023-21954 | Med | 5.9 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff | |
| CVE-2023-21939 | Med | 5.3 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea | |
| CVE-2023-21938 | Low | 3.7 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0 | |
| CVE-2023-21937 | Low | 3.7 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3. | |
| CVE-2023-21930 | Hig | 7.4 | < 1:17.0.7.0.7-1.el9_1 | 1:17.0.7.0.7-1.el9_1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif | |
| CVE-2023-25193 | Hig | 7.5 | < 1:17.0.8.0.7-2.el8 | 1:17.0.8.0.7-2.el8 | Feb 4, 2023 | hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | |
| CVE-2023-21843 | Low | 3.7 | < 1:17.0.6.0.10-3.el8_7 | 1:17.0.6.0.10-3.el8_7 | Jan 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0 |
- affected < 1:17.0.10.0.7-2.el9fixed 1:17.0.10.0.7-2.el9
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 17.0.9; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21.
- affected < 1:17.0.10.0.7-2.el9fixed 1:17.0.10.0.7-2.el9
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.
- affected < 1:17.0.13.0.11-3.el8fixed 1:17.0.13.0.11-3.el8
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
- affected < 1:17.0.9.0.9-2.el8fixed 1:17.0.9.0.9-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle
- affected < 1:17.0.9.0.9-2.el8fixed 1:17.0.9.0.9-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Ent
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2;
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
- affected < 1:17.0.7.0.7-1.el9_1fixed 1:17.0.7.0.7-1.el9_1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
- affected < 1:17.0.8.0.7-2.el8fixed 1:17.0.8.0.7-2.el8
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
- affected < 1:17.0.6.0.10-3.el8_7fixed 1:17.0.6.0.10-3.el8_7
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
Page 3 of 5