rpm package

suse/java-1_7_1-ibm&distro=SUSE OpenStack Cloud 6

pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20OpenStack%20Cloud%206

Vulnerabilities (51)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-10101	Cri	9.6	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10096	Cri	9.6	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10090	Cri	9.6	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2017-10089	Cri	9.6	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
CVE-2017-10087	Cri	9.6	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-10081	Med	4.3	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc
CVE-2017-10074	Hig	8.3	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a
CVE-2017-10067	Hig	7.5	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10053	Med	5.3	< 1.7.1_sr4.10-38.5.1	1.7.1_sr4.10-38.5.1	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-9841	Cri	9.8	< 1.7.1_sr4.15-38.8.1	1.7.1_sr4.15-38.8.1	May 23, 2017	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-10165	Hig	7.1	< 1.7.1_sr4.15-38.8.1	1.7.1_sr4.15-38.8.1	Feb 3, 2017	The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

CVE-2017-10101CriAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10096CriAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10090CriAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2017-10089CriAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
CVE-2017-10087CriAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-10081MedAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc
CVE-2017-10074HigAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a
CVE-2017-10067HigAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10053MedAug 8, 2017
affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-9841CriMay 23, 2017
affected < 1.7.1_sr4.15-38.8.1fixed 1.7.1_sr4.15-38.8.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-10165HigFeb 3, 2017
affected < 1.7.1_sr4.15-38.8.1fixed 1.7.1_sr4.15-38.8.1
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

Page 3 of 3