rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server 12 SP1
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Vulnerabilities (72)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9843 | Cri | 9.8 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |
| CVE-2016-9842 | Hig | 8.8 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | May 23, 2017 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |
| CVE-2016-9841 | Cri | 9.8 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | May 23, 2017 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2016-9840 | Hig | 8.8 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | May 23, 2017 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2017-1289 | Hig | 8.2 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | May 22, 2017 | IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150. | |
| CVE-2017-3544 | Low | 3.7 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen | |
| CVE-2017-3539 | Low | 3.1 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network | |
| CVE-2017-3533 | Low | 3.7 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen | |
| CVE-2017-3511 | Hig | 7.7 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attack | |
| CVE-2017-3509 | Med | 4.2 | < 1.8.0_sr4.5-29.1 | 1.8.0_sr4.5-29.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with networ | |
| CVE-2017-3289 | Cri | 9.6 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via | |
| CVE-2017-3272 | Cri | 9.6 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a | |
| CVE-2017-3261 | Med | 4.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2017-3259 | Low | 3.7 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi | |
| CVE-2017-3253 | Hig | 7.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at | |
| CVE-2017-3252 | Med | 5.8 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged | |
| CVE-2017-3241 | Cri | 9.0 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated | |
| CVE-2017-3231 | Med | 4.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2016-5552 | Med | 5.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti | |
| CVE-2016-5549 | Med | 6.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v |
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attack
- affected < 1.8.0_sr4.5-29.1fixed 1.8.0_sr4.5-29.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with networ
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v
Page 1 of 4