rpm package

suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server 12 SP4-LTSS

pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Vulnerabilities (76)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-2597	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	May 22, 2023	In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
CVE-2023-30441	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 29, 2023	IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
CVE-2023-21968	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1
CVE-2023-21967	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21954	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
CVE-2023-21939	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
CVE-2023-21938	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21937	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
CVE-2023-21930	—	< 1.8.0_sr8.5-30.108.1	1.8.0_sr8.5-30.108.1	Apr 18, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21843	—	< 1.8.0_sr8.0-30.105.1	1.8.0_sr8.0-30.105.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21835	—	< 1.8.0_sr8.0-30.105.1	1.8.0_sr8.0-30.105.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable
CVE-2023-21830	—	< 1.8.0_sr8.0-30.105.1	1.8.0_sr8.0-30.105.1	Jan 17, 2023	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln
CVE-2022-3676	—	< 1.8.0_sr7.20-30.102.1	1.8.0_sr7.20-30.102.1	Oct 24, 2022	In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
CVE-2022-39399	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e
CVE-2022-21628	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
CVE-2022-21618	—	< 1.8.0_sr7.20-30.99.1	1.8.0_sr7.20-30.99.1	Oct 18, 2022	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows
CVE-2022-34169	—	< 1.8.0_sr7.11-30.93.1	1.8.0_sr7.11-30.93.1	Jul 19, 2022	The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t

CVE-2023-2597May 22, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
CVE-2023-30441Apr 29, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
CVE-2023-21968Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1
CVE-2023-21967Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21954Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diff
CVE-2023-21939Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Ea
CVE-2023-21938Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21937Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.
CVE-2023-21930Apr 18, 2023
affected < 1.8.0_sr8.5-30.108.1fixed 1.8.0_sr8.5-30.108.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Dif
CVE-2023-21843Jan 17, 2023
affected < 1.8.0_sr8.0-30.105.1fixed 1.8.0_sr8.0-30.105.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0
CVE-2023-21835Jan 17, 2023
affected < 1.8.0_sr8.0-30.105.1fixed 1.8.0_sr8.0-30.105.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable
CVE-2023-21830Jan 17, 2023
affected < 1.8.0_sr8.0-30.105.1fixed 1.8.0_sr8.0-30.105.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vuln
CVE-2022-3676Oct 24, 2022
affected < 1.8.0_sr7.20-30.102.1fixed 1.8.0_sr7.20-30.102.1
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
CVE-2022-39399Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to e
CVE-2022-21628Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 2
CVE-2022-21626Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily expl
CVE-2022-21624Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. D
CVE-2022-21619Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.
CVE-2022-21618Oct 18, 2022
affected < 1.8.0_sr7.20-30.99.1fixed 1.8.0_sr7.20-30.99.1
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows
CVE-2022-34169Jul 19, 2022
affected < 1.8.0_sr7.11-30.93.1fixed 1.8.0_sr7.11-30.93.1
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t

Page 1 of 4