rpm package
suse/java-1_8_0-openjdk&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (56)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-35586 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo | ||
| CVE-2021-35578 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthe | ||
| CVE-2021-35567 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows lo | ||
| CVE-2021-35565 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unau | ||
| CVE-2021-35564 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo | ||
| CVE-2021-35561 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo | ||
| CVE-2021-35559 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows | ||
| CVE-2021-35556 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows | ||
| CVE-2021-35550 | — | < 1.8.0.312-3.58.2 | 1.8.0.312-3.58.2 | Oct 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows un | ||
| CVE-2021-2388 | — | < 1.8.0.302-3.55.2 | 1.8.0.302-3.55.2 | Jul 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allow | ||
| CVE-2021-2341 | — | < 1.8.0.302-3.55.2 | 1.8.0.302-3.55.2 | Jul 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabi | ||
| CVE-2021-2369 | — | < 1.8.0.302-3.55.2 | 1.8.0.302-3.55.2 | Jul 20, 2021 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability | ||
| CVE-2021-2163 | — | < 1.8.0.292-3.52.1 | 1.8.0.292-3.52.1 | Apr 22, 2021 | Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20. | ||
| CVE-2021-2161 | — | < 1.8.0.302-3.55.2 | 1.8.0.302-3.55.2 | Apr 22, 2021 | Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20. | ||
| CVE-2020-14803 | — | < 1.8.0.282-3.48.1 | 1.8.0.282-3.48.1 | Oct 21, 2020 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Succe | ||
| CVE-2015-4000 | Low | 3.7 | < 1.8.0.392-150000.3.85.1 | 1.8.0.392-150000.3.85.1 | May 21, 2015 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D |
- CVE-2021-35586Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo
- CVE-2021-35578Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthe
- CVE-2021-35567Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows lo
- CVE-2021-35565Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unau
- CVE-2021-35564Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo
- CVE-2021-35561Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo
- CVE-2021-35559Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows
- CVE-2021-35556Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows
- CVE-2021-35550Oct 20, 2021affected < 1.8.0.312-3.58.2fixed 1.8.0.312-3.58.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows un
- CVE-2021-2388Jul 20, 2021affected < 1.8.0.302-3.55.2fixed 1.8.0.302-3.55.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allow
- CVE-2021-2341Jul 20, 2021affected < 1.8.0.302-3.55.2fixed 1.8.0.302-3.55.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabi
- CVE-2021-2369Jul 20, 2021affected < 1.8.0.302-3.55.2fixed 1.8.0.302-3.55.2
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability
- CVE-2021-2163Apr 22, 2021affected < 1.8.0.292-3.52.1fixed 1.8.0.292-3.52.1
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.
- CVE-2021-2161Apr 22, 2021affected < 1.8.0.302-3.55.2fixed 1.8.0.302-3.55.2
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.
- CVE-2020-14803Oct 21, 2020affected < 1.8.0.282-3.48.1fixed 1.8.0.282-3.48.1
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Succe
- affected < 1.8.0.392-150000.3.85.1fixed 1.8.0.392-150000.3.85.1
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D
Page 3 of 3