rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Module for Legacy 15
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015
Vulnerabilities (71)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-2798 | Med | 5.3 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat | |
| CVE-2018-2797 | Med | 5.3 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat | |
| CVE-2018-2796 | Med | 5.3 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica | |
| CVE-2018-2795 | Med | 5.3 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen | |
| CVE-2018-2794 | Hig | 7.7 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras | |
| CVE-2018-2790 | Low | 3.1 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw | |
| CVE-2018-2783 | Hig | 7.4 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti | |
| CVE-2018-1417 | Hig | 8.1 | < 1.8.0_sr5.15-3.3.4 | 1.8.0_sr5.15-3.3.4 | Feb 22, 2018 | Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823. | |
| CVE-2017-3736 | Med | 6.5 | < 1.8.0_sr5.20-3.6.2 | 1.8.0_sr5.20-3.6.2 | Nov 2, 2017 | There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n | |
| CVE-2017-3732 | Med | 5.9 | < 1.8.0_sr5.20-3.6.2 | 1.8.0_sr5.20-3.6.2 | May 4, 2017 | There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and | |
| CVE-2016-0705 | Cri | 9.8 | < 1.8.0_sr5.20-3.6.2 | 1.8.0_sr5.20-3.6.2 | Mar 3, 2016 | Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA privat |
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti
- affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
- affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n
- affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and
- affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA privat
Page 4 of 4