rpm package

suse/java-1_8_0-openjdk&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (190)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-10105	Med	4.3	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10102	Cri	9.0	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network acces
CVE-2017-10101	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10096	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10090	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2017-10089	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
CVE-2017-10087	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-10086	Cri	9.6	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. S
CVE-2017-10081	Med	4.3	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc
CVE-2017-10078	Hig	8.1	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2017-10074	Hig	8.3	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a
CVE-2017-10067	Hig	7.5	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10053	Med	5.3	< 1.8.0.144-27.5.3	1.8.0.144-27.5.3	Aug 8, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-9843	Cri	9.8	< 1.8.0.151-27.8.1	1.8.0.151-27.8.1	May 23, 2017	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842	Hig	8.8	< 1.8.0.151-27.8.1	1.8.0.151-27.8.1	May 23, 2017	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841	Cri	9.8	< 1.8.0.151-27.8.1	1.8.0.151-27.8.1	May 23, 2017	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840	Hig	8.8	< 1.8.0.151-27.8.1	1.8.0.151-27.8.1	May 23, 2017	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-5461	Cri	9.8	< 1.8.0.121-23.4	1.8.0.121-23.4	May 11, 2017	Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect
CVE-2017-3544	Low	3.7	< 1.8.0.131-26.3	1.8.0.131-26.3	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3539	Low	3.1	< 1.8.0.131-26.3	1.8.0.131-26.3	Apr 24, 2017	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network

CVE-2017-10105MedAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10102CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network acces
CVE-2017-10101CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10096CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
CVE-2017-10090CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v
CVE-2017-10089CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
CVE-2017-10087CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a
CVE-2017-10086CriAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. S
CVE-2017-10081MedAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc
CVE-2017-10078HigAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successf
CVE-2017-10074HigAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a
CVE-2017-10067HigAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2017-10053MedAug 8, 2017
affected < 1.8.0.144-27.5.3fixed 1.8.0.144-27.5.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at
CVE-2016-9843CriMay 23, 2017
affected < 1.8.0.151-27.8.1fixed 1.8.0.151-27.8.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842HigMay 23, 2017
affected < 1.8.0.151-27.8.1fixed 1.8.0.151-27.8.1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841CriMay 23, 2017
affected < 1.8.0.151-27.8.1fixed 1.8.0.151-27.8.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840HigMay 23, 2017
affected < 1.8.0.151-27.8.1fixed 1.8.0.151-27.8.1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-5461CriMay 11, 2017
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect
CVE-2017-3544LowApr 24, 2017
affected < 1.8.0.131-26.3fixed 1.8.0.131-26.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
CVE-2017-3539LowApr 24, 2017
affected < 1.8.0.131-26.3fixed 1.8.0.131-26.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network

Page 8 of 10