java-1_8_0-ibm (SUSE:Linux Enterprise Server 12 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP4 package java-1_8_0-ibm, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (59)
CVE-2019-11772 — CVSS 9.8 (critical): In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null…
CVE-2019-17631 — CVSS 9.1 (critical): From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without…
CVE-2018-3183 — CVSS 9.0 (critical): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are…
CVE-2018-3169 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected…
CVE-2020-2805 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2803 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2018-3149 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are…
CVE-2020-2604 — CVSS 8.1 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-2698 — CVSS 8.1 (high): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and…
CVE-2019-2697 — CVSS 8.1 (high): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and…
CVE-2019-4473 — CVSS 7.8 (high): Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate…
CVE-2019-11771 — CVSS 7.8 (high): AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2019-2602 — CVSS 7.5 (high): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected…
CVE-2019-10245 — CVSS 7.5 (high): In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode…
CVE-2019-11775 — CVSS 7.4 (high): All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the…
CVE-2019-2949 — CVSS 6.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are…
CVE-2019-2989 — CVSS 6.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2018-13785 — CVSS 6.5 (medium): In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and…
CVE-2019-4732 — CVSS 6.5 (medium): IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a…
CVE-2018-11212 — CVSS 6.5 (medium): An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service…
CVE-2019-2958 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2019-2684 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are…
CVE-2018-1890 — CVSS 5.6 (medium): IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege…
CVE-2018-3180 — CVSS 5.6 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are…
CVE-2019-7317 — CVSS 5.3 (medium): png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-3214 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are…
CVE-2019-2762 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2019-2769 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2020-2781 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java…
CVE-2020-2830 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are…
CVE-2020-2593 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2019-2975 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2019-2816 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2020-2800 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are…
CVE-2019-2999 — CVSS 4.7 (medium): Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231…
CVE-2019-2996 — CVSS 4.2 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). The supported version that is affected is…
CVE-2019-2992 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-2964 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are…
CVE-2019-2973 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2020-2583 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2756 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-2978 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2019-2981 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2019-2962 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-2983 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-2988 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2020-2755 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2020-2757 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2654 — CVSS 3.7 (low): Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241…
CVE-2020-2659 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2020-2754 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2019-2786 — CVSS 3.4 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected…
CVE-2018-3136 — CVSS 3.4 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected…
CVE-2019-2933 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2019-2766 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2019-2449 — CVSS 3.1 (low): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE…
CVE-2019-2422 — CVSS 3.1 (low): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE…
CVE-2018-3139 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2019-2945 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…