rpm package
opensuse/java-1_8_0-openj9&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Leap%2015.3
Vulnerabilities (43)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3676 | — | < 1.8.0.352-150200.3.27.1 | 1.8.0.352-150200.3.27.1 | Oct 24, 2022 | In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type. | ||
| CVE-2022-21628 | — | < 1.8.0.352-150200.3.27.1 | 1.8.0.352-150200.3.27.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2 | ||
| CVE-2022-21626 | — | < 1.8.0.352-150200.3.27.1 | 1.8.0.352-150200.3.27.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl | ||
| CVE-2022-21624 | — | < 1.8.0.352-150200.3.27.1 | 1.8.0.352-150200.3.27.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D | ||
| CVE-2022-21619 | — | < 1.8.0.352-150200.3.27.1 | 1.8.0.352-150200.3.27.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2. | ||
| CVE-2022-34169 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Jul 19, 2022 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t | ||
| CVE-2022-21541 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Jul 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1. | ||
| CVE-2022-21540 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Jul 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1. | ||
| CVE-2021-41041 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 27, 2022 | In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles. | ||
| CVE-2022-21496 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e | ||
| CVE-2022-21476 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas | ||
| CVE-2022-21443 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Dif | ||
| CVE-2022-21434 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas | ||
| CVE-2022-21426 | — | < 1.8.0.345-150200.3.24.1 | 1.8.0.345-150200.3.24.1 | Apr 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e | ||
| CVE-2022-21366 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability | ||
| CVE-2022-21365 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable | ||
| CVE-2022-21360 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable | ||
| CVE-2022-21341 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploi | ||
| CVE-2022-21340 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitabl | ||
| CVE-2022-21305 | — | < 1.8.0.322-3.21.2 | 1.8.0.322-3.21.2 | Jan 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable |
- CVE-2022-3676Oct 24, 2022affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
- CVE-2022-21628Oct 18, 2022affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
- CVE-2022-21626Oct 18, 2022affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
- CVE-2022-21624Oct 18, 2022affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
- CVE-2022-21619Oct 18, 2022affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
- CVE-2022-34169Jul 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t
- CVE-2022-21541Jul 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
- CVE-2022-21540Jul 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
- CVE-2021-41041Apr 27, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles.
- CVE-2022-21496Apr 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
- CVE-2022-21476Apr 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
- CVE-2022-21443Apr 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Dif
- CVE-2022-21434Apr 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
- CVE-2022-21426Apr 19, 2022affected < 1.8.0.345-150200.3.24.1fixed 1.8.0.345-150200.3.24.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
- CVE-2022-21366Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability
- CVE-2022-21365Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable
- CVE-2022-21360Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable
- CVE-2022-21341Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploi
- CVE-2022-21340Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitabl
- CVE-2022-21305Jan 19, 2022affected < 1.8.0.322-3.21.2fixed 1.8.0.322-3.21.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable
Page 1 of 3