java-1_8_0-ibm (SUSE:OpenStack Cloud 8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 8 package java-1_8_0-ibm, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (90)
CVE-2021-41035 — CVSS 9.8 (critical): In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface…
CVE-2020-27221 — CVSS 9.8 (critical): In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI…
CVE-2019-11772 — CVSS 9.8 (critical): In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null…
CVE-2019-17631 — CVSS 9.1 (critical): From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without…
CVE-2020-2805 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-14583 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2803 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2604 — CVSS 8.1 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-11771 — CVSS 7.8 (high): AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2019-4473 — CVSS 7.8 (high): Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate…
CVE-2021-35560 — CVSS 7.5 (high): Vulnerability in the Java SE product of Oracle Java SE (component: Deployment). The supported version that is affected is Java SE: 8u301…
CVE-2020-14593 — CVSS 7.4 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-11775 — CVSS 7.4 (high): All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the…
CVE-2019-2949 — CVSS 6.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are…
CVE-2019-2989 — CVSS 6.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2018-11212 — CVSS 6.5 (medium): An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service…
CVE-2019-4732 — CVSS 6.5 (medium): IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a…
CVE-2019-2958 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2022-21366 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2019-17639 — CVSS 5.3 (medium): In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the…
CVE-2019-2762 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2019-2769 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected…
CVE-2019-7317 — CVSS 5.3 (medium): png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2020-14621 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2020-14803 — CVSS 5.3 (medium): Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and…
CVE-2020-2781 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java…
CVE-2020-2830 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are…
CVE-2021-2163 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries)…
CVE-2021-35556 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are…
CVE-2021-35559 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are…
CVE-2021-35564 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions that are…
CVE-2021-35565 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are…
CVE-2021-35578 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are…
CVE-2021-35586 — CVSS 5.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are…
CVE-2022-21271 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21277 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21282 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21283 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21291 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21293 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21294 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21296 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21299 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21305 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21340 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21341 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported…
CVE-2022-21349 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that…
CVE-2022-21360 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21365 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2019-2816 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2019-2975 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2020-2593 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2020-2800 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are…
CVE-2020-14556 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2019-2999 — CVSS 4.7 (medium): Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231…
CVE-2021-2369 — CVSS 4.3 (medium): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are…
CVE-2020-14792 — CVSS 4.2 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are…
CVE-2019-2996 — CVSS 4.2 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). The supported version that is affected is…
CVE-2019-2992 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-2962 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2020-2659 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2020-2754 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2020-2755 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2020-2756 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2757 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-2983 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2019-2988 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-2981 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2020-14581 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2019-2973 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2019-2964 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are…
CVE-2022-21248 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported…
CVE-2020-14779 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-14781 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java…
CVE-2020-14797 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2583 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2654 — CVSS 3.7 (low): Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241…
CVE-2019-2978 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2020-14577 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java…
CVE-2020-14578 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-14579 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2019-2786 — CVSS 3.4 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected…
CVE-2019-2766 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected…
CVE-2021-35588 — CVSS 3.1 (low): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are…
CVE-2019-2933 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-14796 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2019-2945 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are…
CVE-2020-14798 — CVSS 3.1 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2021-2341 — CVSS 3.1 (low): Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that…
CVE-2019-2449 — CVSS 3.1 (low): Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE…