rpm package

opensuse/java-1_8_0-openj9&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Leap%2015.4

Vulnerabilities (29)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-5676	—	< 1.8.0.392-150200.3.39.1	1.8.0.392-150200.3.39.1	Nov 15, 2023	In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
CVE-2023-22081	—	< 1.8.0.392-150200.3.39.1	1.8.0.392-150200.3.39.1	Oct 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle
CVE-2023-22067	—	< 1.8.0.392-150200.3.39.1	1.8.0.392-150200.3.39.1	Oct 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerabili
CVE-2023-22049	—	< 1.8.0.382-150200.3.36.1	1.8.0.382-150200.3.36.1	Jul 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition
CVE-2023-22045	—	< 1.8.0.382-150200.3.36.1	1.8.0.382-150200.3.36.1	Jul 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:
CVE-2023-2597	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	May 22, 2023	In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
CVE-2023-21968	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1
CVE-2023-21967	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21954	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
CVE-2023-21939	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
CVE-2023-21938	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21937	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
CVE-2023-21930	—	< 1.8.0.372-150200.3.33.2	1.8.0.372-150200.3.33.2	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21843	—	< 1.8.0.362-150200.3.30.1	1.8.0.362-150200.3.30.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21830	—	< 1.8.0.362-150200.3.30.1	1.8.0.362-150200.3.30.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln
CVE-2022-3676	—	< 1.8.0.352-150200.3.27.1	1.8.0.352-150200.3.27.1	Oct 24, 2022	In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
CVE-2022-21628	—	< 1.8.0.352-150200.3.27.1	1.8.0.352-150200.3.27.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626	—	< 1.8.0.352-150200.3.27.1	1.8.0.352-150200.3.27.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624	—	< 1.8.0.352-150200.3.27.1	1.8.0.352-150200.3.27.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619	—	< 1.8.0.352-150200.3.27.1	1.8.0.352-150200.3.27.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.

CVE-2023-5676Nov 15, 2023
affected < 1.8.0.392-150200.3.39.1fixed 1.8.0.392-150200.3.39.1
In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
CVE-2023-22081Oct 17, 2023
affected < 1.8.0.392-150200.3.39.1fixed 1.8.0.392-150200.3.39.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle
CVE-2023-22067Oct 17, 2023
affected < 1.8.0.392-150200.3.39.1fixed 1.8.0.392-150200.3.39.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerabili
CVE-2023-22049Jul 18, 2023
affected < 1.8.0.382-150200.3.36.1fixed 1.8.0.382-150200.3.36.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition
CVE-2023-22045Jul 18, 2023
affected < 1.8.0.382-150200.3.36.1fixed 1.8.0.382-150200.3.36.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:
CVE-2023-2597May 22, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
CVE-2023-21968Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1
CVE-2023-21967Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21954Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
CVE-2023-21939Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
CVE-2023-21938Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21937Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
CVE-2023-21930Apr 18, 2023
affected < 1.8.0.372-150200.3.33.2fixed 1.8.0.372-150200.3.33.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21843Jan 17, 2023
affected < 1.8.0.362-150200.3.30.1fixed 1.8.0.362-150200.3.30.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21830Jan 17, 2023
affected < 1.8.0.362-150200.3.30.1fixed 1.8.0.362-150200.3.30.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln
CVE-2022-3676Oct 24, 2022
affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
CVE-2022-21628Oct 18, 2022
affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626Oct 18, 2022
affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624Oct 18, 2022
affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619Oct 18, 2022
affected < 1.8.0.352-150200.3.27.1fixed 1.8.0.352-150200.3.27.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.

Page 1 of 2