rpm package

suse/java-1_8_0-openjdk&distro=SUSE Linux Enterprise Desktop 12 SP1

pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Vulnerabilities (77)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-5435		—	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 11, 2018	A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5434		—	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 11, 2018	A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5433		—	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 11, 2018	A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox
CVE-2017-5432		—	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 11, 2018	A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5429		—	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 11, 2018	Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability aff
CVE-2017-5461	Cri	9.8	< 1.8.0.121-23.4	1.8.0.121-23.4	May 11, 2017	Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect
CVE-2017-3289	Cri	9.6	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
CVE-2017-3272	Cri	9.6	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-3261	Med	4.3	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2017-3260	Hig	8.3	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3253	Hig	7.5	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2017-3252	Med	5.8	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged
CVE-2017-3241	Cri	9.0	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated
CVE-2017-3231	Med	4.3	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2016-5552	Med	5.3	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti
CVE-2016-5549	Med	6.5	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2016-5548	Med	6.5	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2016-5547	Med	5.3	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-5546	Hig	7.5	< 1.8.0.121-20.1	1.8.0.121-20.1	Jan 27, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthentic
CVE-2016-5597	Med	5.9	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.

CVE-2017-5435Jun 11, 2018
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5434Jun 11, 2018
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5433Jun 11, 2018
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox
CVE-2017-5432Jun 11, 2018
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5429Jun 11, 2018
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability aff
CVE-2017-5461CriMay 11, 2017
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect
CVE-2017-3289CriJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
CVE-2017-3272CriJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-3261MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2017-3260HigJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
CVE-2017-3253HigJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2017-3252MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged
CVE-2017-3241CriJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated
CVE-2017-3231MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
CVE-2016-5552MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti
CVE-2016-5549MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2016-5548MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2016-5547MedJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-5546HigJan 27, 2017
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthentic
CVE-2016-5597MedOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.

Page 2 of 4