rpm package

suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Vulnerabilities (94)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-2952	—	< 1.8.0_sr5.20-30.36.1	1.8.0_sr5.20-30.36.1	Jul 18, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows
CVE-2018-2940	—	< 1.8.0_sr5.20-30.36.1	1.8.0_sr5.20-30.36.1	Jul 18, 2018	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with n
CVE-2018-13785	—	< 1.8.0_sr5.25-30.39.1	1.8.0_sr5.25-30.39.1	Jul 9, 2018	In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
CVE-2018-11212	—	< 1.8.0_sr5.30-30.46.1	1.8.0_sr5.30-30.46.1	May 16, 2018	An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVE-2018-2826	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2018-2825	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2018-2814	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netwo
CVE-2018-2800	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple
CVE-2018-2799	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated att
CVE-2018-2798	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
CVE-2018-2797	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
CVE-2018-2796	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica
CVE-2018-2795	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen
CVE-2018-2794	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras
CVE-2018-2790	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw
CVE-2018-2783	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Apr 19, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti
CVE-2018-1417	—	< 1.8.0_sr5.15-30.33.1	1.8.0_sr5.15-30.33.1	Feb 22, 2018	Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
CVE-2018-2678	—	< 1.8.0_sr5.10-30.16.1	1.8.0_sr5.10-30.16.1	Jan 18, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthent
CVE-2018-2677	—	< 1.8.0_sr5.10-30.16.1	1.8.0_sr5.10-30.16.1	Jan 18, 2018	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2018-2663	—	< 1.8.0_sr5.10-30.16.1	1.8.0_sr5.10-30.16.1	Jan 18, 2018	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unau

CVE-2018-2952Jul 18, 2018
affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows
CVE-2018-2940Jul 18, 2018
affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with n
CVE-2018-13785Jul 9, 2018
affected < 1.8.0_sr5.25-30.39.1fixed 1.8.0_sr5.25-30.39.1
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
CVE-2018-11212May 16, 2018
affected < 1.8.0_sr5.30-30.46.1fixed 1.8.0_sr5.30-30.46.1
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVE-2018-2826Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2018-2825Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2018-2814Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netwo
CVE-2018-2800Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple
CVE-2018-2799Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated att
CVE-2018-2798Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
CVE-2018-2797Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
CVE-2018-2796Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica
CVE-2018-2795Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen
CVE-2018-2794Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras
CVE-2018-2790Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw
CVE-2018-2783Apr 19, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti
CVE-2018-1417Feb 22, 2018
affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
CVE-2018-2678Jan 18, 2018
affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthent
CVE-2018-2677Jan 18, 2018
affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2018-2663Jan 18, 2018
affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unau

Page 2 of 5