java-1_7_1-ibm (SUSE:Enterprise Storage 4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Enterprise Storage 4 package java-1_7_1-ibm, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (39)
CVE-2018-2814 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected…
CVE-2018-3149 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are…
CVE-2018-3169 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected…
CVE-2019-2698 — CVSS 8.1 (high): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and…
CVE-2019-2697 — CVSS 8.1 (high): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and…
CVE-2018-1417 — CVSS 8.1 (high): Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a…
CVE-2018-12539 — CVSS 7.8 (high): In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM…
CVE-2019-11771 — CVSS 7.8 (high): AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2019-4473 — CVSS 7.8 (high): Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate…
CVE-2018-2794 — CVSS 7.7 (high): Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java…
CVE-2019-2602 — CVSS 7.5 (high): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected…
CVE-2019-10245 — CVSS 7.5 (high): In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode…
CVE-2018-2783 — CVSS 7.4 (high): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are…
CVE-2018-1656 — CVSS 7.4 (high): The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does…
CVE-2019-11775 — CVSS 7.4 (high): All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the…
CVE-2018-13785 — CVSS 6.5 (medium): In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and…
CVE-2018-11212 — CVSS 6.5 (medium): An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service…
CVE-2018-1517 — CVSS 5.9 (medium): A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a…
CVE-2018-2973 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are…
CVE-2019-2684 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are…
CVE-2018-3180 — CVSS 5.6 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are…
CVE-2019-7317 — CVSS 5.3 (medium): png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-2795 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are…
CVE-2018-2796 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that…
CVE-2018-2797 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are…
CVE-2018-2798 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are…
CVE-2018-2799 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are…
CVE-2018-3214 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are…
CVE-2019-2762 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2019-2769 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2019-2816 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2018-2940 — CVSS 4.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected…
CVE-2018-2800 — CVSS 4.2 (medium): Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE…
CVE-2018-2952 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that…
CVE-2018-3136 — CVSS 3.4 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected…
CVE-2018-3139 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2019-2766 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2018-2790 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected…
CVE-2019-2422 — CVSS 3.1 (low): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE…