rpm package

suse/java-11-openjdk&distro=SUSE Linux Enterprise Server 15 SP1-LTSS

pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Vulnerabilities (52)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-25193	—	< 11.0.20.0-150000.3.99.1	11.0.20.0-150000.3.99.1	Feb 4, 2023	hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
CVE-2023-21843	—	< 11.0.18.0-150000.3.93.1	11.0.18.0-150000.3.93.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21835	—	< 11.0.18.0-150000.3.93.1	11.0.18.0-150000.3.93.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable
CVE-2022-39399	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e
CVE-2022-21628	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
CVE-2022-21618	—	< 11.0.17.0-150000.3.86.2	11.0.17.0-150000.3.86.2	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows
CVE-2022-34169	—	< 11.0.16.0-150000.3.83.1	11.0.16.0-150000.3.83.1	Jul 19, 2022	The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t
CVE-2022-21541	—	< 11.0.16.0-150000.3.83.1	11.0.16.0-150000.3.83.1	Jul 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
CVE-2022-21540	—	< 11.0.16.0-150000.3.83.1	11.0.16.0-150000.3.83.1	Jul 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
CVE-2022-21496	—	< 11.0.15.0-150000.3.80.1	11.0.15.0-150000.3.80.1	Apr 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
CVE-2022-21476	—	< 11.0.15.0-150000.3.80.1	11.0.15.0-150000.3.80.1	Apr 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
CVE-2022-21443	—	< 11.0.15.0-150000.3.80.1	11.0.15.0-150000.3.80.1	Apr 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Dif
CVE-2022-21434	—	< 11.0.15.0-150000.3.80.1	11.0.15.0-150000.3.80.1	Apr 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
CVE-2022-21426	—	< 11.0.15.0-150000.3.80.1	11.0.15.0-150000.3.80.1	Apr 19, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
CVE-2021-35603	—	< 11.0.13.0-3.65.1	11.0.13.0-3.65.1	Oct 20, 2021	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allow
CVE-2021-35586	—	< 11.0.13.0-3.65.1	11.0.13.0-3.65.1	Oct 20, 2021	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo
CVE-2021-35578	—	< 11.0.13.0-3.65.1	11.0.13.0-3.65.1	Oct 20, 2021	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthe

CVE-2023-25193Feb 4, 2023
affected < 11.0.20.0-150000.3.99.1fixed 11.0.20.0-150000.3.99.1
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
CVE-2023-21843Jan 17, 2023
affected < 11.0.18.0-150000.3.93.1fixed 11.0.18.0-150000.3.93.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21835Jan 17, 2023
affected < 11.0.18.0-150000.3.93.1fixed 11.0.18.0-150000.3.93.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable
CVE-2022-39399Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e
CVE-2022-21628Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
CVE-2022-21618Oct 18, 2022
affected < 11.0.17.0-150000.3.86.2fixed 11.0.17.0-150000.3.86.2
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows
CVE-2022-34169Jul 19, 2022
affected < 11.0.16.0-150000.3.83.1fixed 11.0.16.0-150000.3.83.1
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t
CVE-2022-21541Jul 19, 2022
affected < 11.0.16.0-150000.3.83.1fixed 11.0.16.0-150000.3.83.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
CVE-2022-21540Jul 19, 2022
affected < 11.0.16.0-150000.3.83.1fixed 11.0.16.0-150000.3.83.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
CVE-2022-21496Apr 19, 2022
affected < 11.0.15.0-150000.3.80.1fixed 11.0.15.0-150000.3.80.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
CVE-2022-21476Apr 19, 2022
affected < 11.0.15.0-150000.3.80.1fixed 11.0.15.0-150000.3.80.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
CVE-2022-21443Apr 19, 2022
affected < 11.0.15.0-150000.3.80.1fixed 11.0.15.0-150000.3.80.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Dif
CVE-2022-21434Apr 19, 2022
affected < 11.0.15.0-150000.3.80.1fixed 11.0.15.0-150000.3.80.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas
CVE-2022-21426Apr 19, 2022
affected < 11.0.15.0-150000.3.80.1fixed 11.0.15.0-150000.3.80.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e
CVE-2021-35603Oct 20, 2021
affected < 11.0.13.0-3.65.1fixed 11.0.13.0-3.65.1
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allow
CVE-2021-35586Oct 20, 2021
affected < 11.0.13.0-3.65.1fixed 11.0.13.0-3.65.1
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo
CVE-2021-35578Oct 20, 2021
affected < 11.0.13.0-3.65.1fixed 11.0.13.0-3.65.1
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthe

Page 2 of 3