VYPR

rpm package

opensuse/java-17-openj9&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/java-17-openj9&distro=openSUSE%20Tumbleweed

Vulnerabilities (43)

  • CVE-2024-20945Feb 17, 2024
    affected < 17.0.10.0-1.1fixed 17.0.10.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21

  • CVE-2024-20921Feb 17, 2024
    affected < 17.0.10.0-1.1fixed 17.0.10.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.

  • CVE-2024-20918HigJan 16, 2024
    affected < 17.0.10.0-1.1fixed 17.0.10.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.

  • CVE-2023-5676MedNov 15, 2023
    affected < 17.0.9.0-1.1fixed 17.0.9.0-1.1

    In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.

  • CVE-2023-22081MedOct 17, 2023
    affected < 17.0.9.0-1.1fixed 17.0.9.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle

  • CVE-2023-22025LowOct 17, 2023
    affected < 17.0.9.0-1.1fixed 17.0.9.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Ent

  • CVE-2023-22045LowJul 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:

  • CVE-2023-22041MedJul 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10

  • CVE-2023-22006LowJul 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,

  • CVE-2023-2597HigMay 22, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.

  • CVE-2023-21968LowApr 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1

  • CVE-2023-21954MedApr 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff

  • CVE-2023-21938LowApr 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0

  • CVE-2023-21930HigApr 18, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif

  • CVE-2023-25193HigFeb 4, 2023
    affected < 17.0.8.0-1.1fixed 17.0.8.0-1.1

    hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.

  • CVE-2023-21843LowJan 18, 2023
    affected < 17.0.6.0-1.1fixed 17.0.6.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0

  • CVE-2023-21835MedJan 18, 2023
    affected < 17.0.6.0-1.1fixed 17.0.6.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable

  • CVE-2022-3676MedOct 24, 2022
    affected < 17.0.5.0-1.1fixed 17.0.5.0-1.1

    In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.

  • CVE-2022-21628MedOct 18, 2022
    affected < 17.0.5.0-1.1fixed 17.0.5.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2

  • CVE-2022-21626MedOct 18, 2022
    affected < 17.0.5.0-1.1fixed 17.0.5.0-1.1

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl