rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2
Vulnerabilities (97)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-21967 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif | ||
| CVE-2023-21954 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff | ||
| CVE-2023-21939 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea | ||
| CVE-2023-21938 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0 | ||
| CVE-2023-21937 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3. | ||
| CVE-2023-21930 | — | < 1.8.0_sr8.5-150000.3.74.1 | 1.8.0_sr8.5-150000.3.74.1 | Apr 18, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif | ||
| CVE-2023-25193 | — | < 1.8.0_sr8.10-150000.3.80.1 | 1.8.0_sr8.10-150000.3.80.1 | Feb 4, 2023 | hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | ||
| CVE-2023-21843 | — | < 1.8.0_sr8.0-150000.3.71.1 | 1.8.0_sr8.0-150000.3.71.1 | Jan 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0 | ||
| CVE-2023-21835 | — | < 1.8.0_sr8.0-150000.3.71.1 | 1.8.0_sr8.0-150000.3.71.1 | Jan 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable | ||
| CVE-2023-21830 | — | < 1.8.0_sr8.0-150000.3.71.1 | 1.8.0_sr8.0-150000.3.71.1 | Jan 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln | ||
| CVE-2022-3676 | — | < 1.8.0_sr7.20-150000.3.68.1 | 1.8.0_sr7.20-150000.3.68.1 | Oct 24, 2022 | In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type. | ||
| CVE-2022-39399 | Low | 3.7 | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e | |
| CVE-2022-21626 | Med | 5.3 | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl | |
| CVE-2022-21624 | Low | 3.7 | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D | |
| CVE-2022-21619 | Low | 3.7 | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2. | |
| CVE-2022-21618 | Med | 5.3 | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows | |
| CVE-2022-21628 | — | < 1.8.0_sr7.20-150000.3.65.1 | 1.8.0_sr7.20-150000.3.65.1 | Oct 18, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2 | ||
| CVE-2022-21549 | Med | 5.3 | < 1.8.0_sr7.11-150000.3.62.1 | 1.8.0_sr7.11-150000.3.62.1 | Jul 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allow | |
| CVE-2022-21540 | Med | 5.3 | < 1.8.0_sr7.11-150000.3.62.1 | 1.8.0_sr7.11-150000.3.62.1 | Jul 19, 2022 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1. | |
| CVE-2022-34169 | Hig | 7.5 | < 1.8.0_sr7.11-150000.3.62.1 | 1.8.0_sr7.11-150000.3.62.1 | Jul 19, 2022 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t |
- CVE-2023-21967Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
- CVE-2023-21954Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
- CVE-2023-21939Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
- CVE-2023-21938Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
- CVE-2023-21937Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
- CVE-2023-21930Apr 18, 2023affected < 1.8.0_sr8.5-150000.3.74.1fixed 1.8.0_sr8.5-150000.3.74.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
- CVE-2023-25193Feb 4, 2023affected < 1.8.0_sr8.10-150000.3.80.1fixed 1.8.0_sr8.10-150000.3.80.1
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
- CVE-2023-21843Jan 17, 2023affected < 1.8.0_sr8.0-150000.3.71.1fixed 1.8.0_sr8.0-150000.3.71.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
- CVE-2023-21835Jan 17, 2023affected < 1.8.0_sr8.0-150000.3.71.1fixed 1.8.0_sr8.0-150000.3.71.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable
- CVE-2023-21830Jan 17, 2023affected < 1.8.0_sr8.0-150000.3.71.1fixed 1.8.0_sr8.0-150000.3.71.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln
- CVE-2022-3676Oct 24, 2022affected < 1.8.0_sr7.20-150000.3.68.1fixed 1.8.0_sr7.20-150000.3.68.1
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
- affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e
- affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
- affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
- affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
- affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows
- CVE-2022-21628Oct 18, 2022affected < 1.8.0_sr7.20-150000.3.65.1fixed 1.8.0_sr7.20-150000.3.65.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
- affected < 1.8.0_sr7.11-150000.3.62.1fixed 1.8.0_sr7.11-150000.3.62.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allow
- affected < 1.8.0_sr7.11-150000.3.62.1fixed 1.8.0_sr7.11-150000.3.62.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.
- affected < 1.8.0_sr7.11-150000.3.62.1fixed 1.8.0_sr7.11-150000.3.62.1
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t
Page 3 of 5