VYPR

rpm package

suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Module for Legacy 15

pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015

Vulnerabilities (71)

  • CVE-2018-2798MedApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat

  • CVE-2018-2797MedApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat

  • CVE-2018-2796MedApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica

  • CVE-2018-2795MedApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen

  • CVE-2018-2794HigApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras

  • CVE-2018-2790LowApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw

  • CVE-2018-2783HigApr 19, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti

  • CVE-2018-1417HigFeb 22, 2018
    affected < 1.8.0_sr5.15-3.3.4fixed 1.8.0_sr5.15-3.3.4

    Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.

  • CVE-2017-3736MedNov 2, 2017
    affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n

  • CVE-2017-3732MedMay 4, 2017
    affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and

  • CVE-2016-0705CriMar 3, 2016
    affected < 1.8.0_sr5.20-3.6.2fixed 1.8.0_sr5.20-3.6.2

    Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA privat

Page 4 of 4