OpenJDK

Source repositories

https://github.com/openjdk/jdk

CVEs (72)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2013-2424	Openjdk OpenJDK	—	0.04	Apr 17, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE:…
CVE-2013-2421	Openjdk OpenJDK	—	0.06	Apr 17, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous…
CVE-2013-2417	Openjdk OpenJDK	—	0.05	Apr 17, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to…
CVE-2013-2415	Openjdk OpenJDK	—	0.01	Apr 17, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU.…
CVE-2013-0440	Openjdk OpenJDK	—	0.06	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. …
CVE-2013-0435	Openjdk OpenJDK	—	0.05	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from…
CVE-2013-0434	Openjdk OpenJDK	—	0.05	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to…
CVE-2013-0432	Openjdk OpenJDK	—	0.05	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors…
CVE-2013-0427	Openjdk OpenJDK	—	0.05	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the…
CVE-2013-0424	Openjdk OpenJDK	—	0.05	Feb 2, 2013	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the…
CVE-2012-5373	Openjdk OpenJDK	—	0.02	Nov 28, 2012	Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an…
CVE-2009-2690	Openjdk OpenJDK	—	0.03	Aug 10, 2009	The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.

CVE-2013-2424Apr 17, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.04
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE:…
CVE-2013-2421Apr 17, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.06
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous…
CVE-2013-2417Apr 17, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to…
CVE-2013-2415Apr 17, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU.…
CVE-2013-0440Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.06
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. …
CVE-2013-0435Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from…
CVE-2013-0434Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to…
CVE-2013-0432Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors…
CVE-2013-0427Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the…
CVE-2013-0424Feb 2, 2013
Openjdk
OpenJDK
risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the…
CVE-2012-5373Nov 28, 2012
Openjdk
OpenJDK
risk 0.00cvss —epss 0.02
Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an…
CVE-2009-2690Aug 10, 2009
Openjdk
OpenJDK
risk 0.00cvss —epss 0.03
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.

Page 4 of 4