rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (97)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-21235 | Med | 4.8 | < 1.8.0_sr8.35-150000.3.95.1 | 1.8.0_sr8.35-150000.3.95.1 | Oct 15, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0 | |
| CVE-2024-21217 | Low | 3.7 | < 1.8.0_sr8.35-150000.3.95.1 | 1.8.0_sr8.35-150000.3.95.1 | Oct 15, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: | |
| CVE-2024-21210 | Low | 3.7 | < 1.8.0_sr8.35-150000.3.95.1 | 1.8.0_sr8.35-150000.3.95.1 | Oct 15, 2024 | Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co | |
| CVE-2024-21208 | Low | 3.7 | < 1.8.0_sr8.35-150000.3.95.1 | 1.8.0_sr8.35-150000.3.95.1 | Oct 15, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17. | |
| CVE-2024-27267 | Med | 5.9 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Aug 14, 2024 | The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads. | |
| CVE-2024-21147 | Hig | 7.4 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17 | |
| CVE-2024-21145 | Med | 4.8 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11 | |
| CVE-2024-21144 | Low | 3.7 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to e | |
| CVE-2024-21140 | Med | 4.8 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17 | |
| CVE-2024-21138 | Low | 3.7 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17 | |
| CVE-2024-21131 | Low | 3.7 | < 1.8.0_sr8.30-150000.3.92.1 | 1.8.0_sr8.30-150000.3.92.1 | Jul 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17 | |
| CVE-2024-3933 | Med | 5.3 | < 1.8.0_sr8.35-150000.3.95.1 | 1.8.0_sr8.35-150000.3.95.1 | May 27, 2024 | In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer | |
| CVE-2023-38264 | Med | 5.9 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | May 14, 2024 | The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM | |
| CVE-2024-21094 | Low | 3.7 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | Apr 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.1 | |
| CVE-2024-21085 | Low | 3.7 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | Apr 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to ex | |
| CVE-2024-21068 | Low | 3.7 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | Apr 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0 | |
| CVE-2024-21012 | Low | 3.7 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | Apr 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; O | |
| CVE-2024-21011 | Low | 3.7 | < 1.8.0_sr8.25-150000.3.89.1 | 1.8.0_sr8.25-150000.3.89.1 | Apr 16, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.1 | |
| CVE-2024-20945 | Med | 4.7 | < 1.8.0_sr8.20-150000.3.86.1 | 1.8.0_sr8.20-150000.3.86.1 | Feb 17, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21 | |
| CVE-2024-20921 | Med | 5.9 | < 1.8.0_sr8.20-150000.3.86.1 | 1.8.0_sr8.20-150000.3.86.1 | Feb 17, 2024 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21. |
- affected < 1.8.0_sr8.35-150000.3.95.1fixed 1.8.0_sr8.35-150000.3.95.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0
- affected < 1.8.0_sr8.35-150000.3.95.1fixed 1.8.0_sr8.35-150000.3.95.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK:
- affected < 1.8.0_sr8.35-150000.3.95.1fixed 1.8.0_sr8.35-150000.3.95.1
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co
- affected < 1.8.0_sr8.35-150000.3.95.1fixed 1.8.0_sr8.35-150000.3.95.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to e
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17
- affected < 1.8.0_sr8.30-150000.3.92.1fixed 1.8.0_sr8.30-150000.3.92.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17
- affected < 1.8.0_sr8.35-150000.3.95.1fixed 1.8.0_sr8.35-150000.3.95.1
In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. IBM
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.1
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to ex
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; O
- affected < 1.8.0_sr8.25-150000.3.89.1fixed 1.8.0_sr8.25-150000.3.89.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.1
- affected < 1.8.0_sr8.20-150000.3.86.1fixed 1.8.0_sr8.20-150000.3.86.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21
- affected < 1.8.0_sr8.20-150000.3.86.1fixed 1.8.0_sr8.20-150000.3.86.1
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.
Page 1 of 5