rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (94)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-2952 | Low | 3.7 | < 1.8.0_sr5.20-30.36.1 | 1.8.0_sr5.20-30.36.1 | Jul 18, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows | |
| CVE-2018-2940 | Med | 4.3 | < 1.8.0_sr5.20-30.36.1 | 1.8.0_sr5.20-30.36.1 | Jul 18, 2018 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with n | |
| CVE-2018-13785 | Med | 6.5 | < 1.8.0_sr5.25-30.39.1 | 1.8.0_sr5.25-30.39.1 | Jul 9, 2018 | In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. | |
| CVE-2018-11212 | Med | 6.5 | < 1.8.0_sr5.30-30.46.1 | 1.8.0_sr5.30-30.46.1 | May 16, 2018 | An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. | |
| CVE-2018-2826 | Hig | 8.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf | |
| CVE-2018-2825 | Hig | 8.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf | |
| CVE-2018-2814 | Hig | 8.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netwo | |
| CVE-2018-2800 | Med | 4.2 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple | |
| CVE-2018-2799 | Med | 5.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated att | |
| CVE-2018-2798 | Med | 5.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat | |
| CVE-2018-2797 | Med | 5.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat | |
| CVE-2018-2796 | Med | 5.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica | |
| CVE-2018-2795 | Med | 5.3 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen | |
| CVE-2018-2794 | Hig | 7.7 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras | |
| CVE-2018-2790 | Low | 3.1 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw | |
| CVE-2018-2783 | Hig | 7.4 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Apr 19, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti | |
| CVE-2018-1417 | Hig | 8.1 | < 1.8.0_sr5.15-30.33.1 | 1.8.0_sr5.15-30.33.1 | Feb 22, 2018 | Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823. | |
| CVE-2018-2678 | Med | 4.3 | < 1.8.0_sr5.10-30.16.1 | 1.8.0_sr5.10-30.16.1 | Jan 18, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthent | |
| CVE-2018-2677 | Med | 4.3 | < 1.8.0_sr5.10-30.16.1 | 1.8.0_sr5.10-30.16.1 | Jan 18, 2018 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2018-2663 | Med | 4.3 | < 1.8.0_sr5.10-30.16.1 | 1.8.0_sr5.10-30.16.1 | Jan 18, 2018 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unau |
- affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows
- affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with n
- affected < 1.8.0_sr5.25-30.39.1fixed 1.8.0_sr5.25-30.39.1
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
- affected < 1.8.0_sr5.30-30.46.1fixed 1.8.0_sr5.30-30.46.1
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netwo
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated att
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti
- affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
- affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthent
- affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr5.10-30.16.1fixed 1.8.0_sr5.10-30.16.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unau
Page 2 of 5