Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-2818 (GCVE-0-2019-2818)
Vulnerability from cvelistv5 – Published: 2019-07-23 22:31 – Updated: 2024-10-01 16:38
VLAI
EPSS
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
Severity
No CVSS data available.
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.oracle.com/technetwork/security-adviso… | x_refsource_MISC |
| https://usn.ubuntu.com/4083-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Oracle Corporation | Java |
Affected:
Java SE: 11.0.3, 12.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:03:42.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "USN-4083-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"name": "openSUSE-SU-2019:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-2818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T16:16:49.931247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T16:38:34.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 11.0.3, 12.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T14:06:08.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "USN-4083-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"name": "openSUSE-SU-2019:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2019-2818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 11.0.3, 12.0.1"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "USN-4083-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"name": "openSUSE-SU-2019:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2019-2818",
"datePublished": "2019-07-23T22:31:48.000Z",
"dateReserved": "2018-12-14T00:00:00.000Z",
"dateUpdated": "2024-10-01T16:38:34.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-2818",
"date": "2026-05-28",
"epss": "0.00478",
"percentile": "0.6525"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-2818\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2019-07-23T23:15:43.430\",\"lastModified\":\"2024-11-21T04:41:37.427\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el componente Java SE de Java SE de Oracle (subcomponente: Security). Las versiones compatibles que est\u00e1n afectadas son Java SE: 11.0.3 y 12.0.1. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante no autenticado con acceso a la red por medio de m\u00faltiples protocolos comprometer a Java SE. Los ataques con \u00e9xito requieren la interacci\u00f3n humana de otra persona distinta al atacante. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en un acceso de lectura no autorizado a un subconjunto de datos accesibles de Java SE. Nota: Esta vulnerabilidad se aplica a las implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox (en Java SE versi\u00f3n 8), que cargan y ejecutan c\u00f3digo no confiable (por ejemplo, c\u00f3digo que proviene de Internet) y conf\u00edan en el sandbox de Java por seguridad. Esta vulnerabilidad no se aplica a las implementaciones Java, normalmente en servidores, que cargan y ejecutan solo c\u00f3digo confiable (por ejemplo, c\u00f3digo instalado mediante un administrador). CVSS 3.0 Puntuaci\u00f3n Base 3.1 (Impactos de confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF3DD5E-1A96-4285-84BA-EB5E31EF2516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32318CC6-B8C4-4429-BB8B-134DC202A27E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:11.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18C60526-0E63-486E-B252-3D4466215FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:12.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2908FB9-138F-4376-962E-D2582B5ACAEE\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4083-1/\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4083-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4083-1/\", \"name\": \"USN-4083-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html\", \"name\": \"openSUSE-SU-2019:1916\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T19:03:42.802Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-2818\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-01T16:16:49.931247Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-01T16:17:38.915Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Java\", \"versions\": [{\"status\": \"affected\", \"version\": \"Java SE: 11.0.3, 12.0.1\"}]}], \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://usn.ubuntu.com/4083-1/\", \"name\": \"USN-4083-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html\", \"name\": \"openSUSE-SU-2019:1916\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2019-08-15T14:06:08.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Java SE: 11.0.3, 12.0.1\", \"version_affected\": \"=\"}]}, \"product_name\": \"Java\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://usn.ubuntu.com/4083-1/\", \"name\": \"USN-4083-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html\", \"name\": \"openSUSE-SU-2019:1916\", \"refsource\": \"SUSE\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-2818\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-2818\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-01T16:38:34.656Z\", \"dateReserved\": \"2018-12-14T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2019-07-23T22:31:48.000Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2019:1817
Vulnerability from csaf_redhat - Published: 2019-07-22 12:41 - Updated: 2026-01-13 21:32Summary
Red Hat Security Advisory: java-11-openjdk security update
Severity
Moderate
Notes
Topic: An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745)
* OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762)
* OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769)
* OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816)
* OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678) (CVE-2019-2821)
* OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786)
* OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344) (CVE-2019-2818)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
5.1 (Medium)
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
5.3 (Medium)
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
5.3 (Medium)
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
4.8 (Medium)
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
CWE-385 - Covert Timing ChannelAffected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).
5.3 (Medium)
Affected products
Fixed
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745)\n\n* OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762)\n\n* OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769)\n\n* OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816)\n\n* OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678) (CVE-2019-2821)\n\n* OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786)\n\n* OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344) (CVE-2019-2818)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1817",
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1730056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730056"
},
{
"category": "external",
"summary": "1730078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730078"
},
{
"category": "external",
"summary": "1730099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730099"
},
{
"category": "external",
"summary": "1730251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730251"
},
{
"category": "external",
"summary": "1730255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730255"
},
{
"category": "external",
"summary": "1730411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730411"
},
{
"category": "external",
"summary": "1730415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730415"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1817.json"
}
],
"title": "Red Hat Security Advisory: java-11-openjdk security update",
"tracking": {
"current_release_date": "2026-01-13T21:32:19+00:00",
"generator": {
"date": "2026-01-13T21:32:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2019:1817",
"initial_release_date": "2019-07-22T12:41:14+00:00",
"revision_history": [
{
"date": "2019-07-22T12:41:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-22T12:41:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T21:32:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-javadoc-zip@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-demo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debugsource@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-jmods@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-src@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-headless-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-devel@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_id": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk-slowdebug-debuginfo@11.0.4.11-0.el8_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"product": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"product_id": "java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-11-openjdk@11.0.4.11-0.el8_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src"
},
"product_reference": "java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64"
},
"product_reference": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le"
},
"product_reference": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x"
},
"product_reference": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"relates_to_product_reference": "AppStream-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
},
"product_reference": "java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-2745",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730411"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2745"
},
{
"category": "external",
"summary": "RHBZ#1730411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730411"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2745"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2745",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2745"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698)"
},
{
"cve": "CVE-2019-2762",
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730415"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2762"
},
{
"category": "external",
"summary": "RHBZ#1730415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2762",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2762"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328)"
},
{
"cve": "CVE-2019-2769",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730056"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2769"
},
{
"category": "external",
"summary": "RHBZ#1730056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2769",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2769"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2769",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2769"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)"
},
{
"cve": "CVE-2019-2786",
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730255"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2786"
},
{
"category": "external",
"summary": "RHBZ#1730255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2786",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2786"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)"
},
{
"cve": "CVE-2019-2816",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730099"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Missing URL format validation (Networking, 8221518)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2816"
},
{
"category": "external",
"summary": "RHBZ#1730099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2816",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2816"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Missing URL format validation (Networking, 8221518)"
},
{
"cve": "CVE-2019-2818",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730078"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2818"
},
{
"category": "external",
"summary": "RHBZ#1730078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2818",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2818"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344)"
},
{
"cve": "CVE-2019-2821",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2019-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730251"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-2821"
},
{
"category": "external",
"summary": "RHBZ#1730251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730251"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-2821",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-2821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2821"
}
],
"release_date": "2019-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T12:41:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.src",
"AppStream-8.0.0.Z:java-11-openjdk-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-debugsource-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-demo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-javadoc-zip-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-jmods-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-slowdebug-debuginfo-1:11.0.4.11-0.el8_0.x86_64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.aarch64",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.ppc64le",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.s390x",
"AppStream-8.0.0.Z:java-11-openjdk-src-1:11.0.4.11-0.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678)"
}
]
}
SUSE-SU-2019:2002-1
Vulnerability from csaf_suse - Published: 2019-07-29 11:00 - Updated: 2019-07-29 11:00Summary
Security update for java-11-openjdk
Severity
Important
Notes
Title of the patch: Security update for java-11-openjdk
Description of the patch: This update for java-11-openjdk to version jdk-11.0.4+11 fixes the following issues:
Security issues fixed:
- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).
- CVE-2019-2762: Exceptional throw cases (bsc#1141782).
- CVE-2019-2766: Improve file protocol handling (bsc#1141789).
- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).
- CVE-2019-2786: More limited privilege usage (bsc#1141787).
- CVE-2019-7317: Improve PNG support options (bsc#1141780).
- CVE-2019-2818: Better Poly1305 support (bsc#1141788).
- CVE-2019-2816: Normalize normalization (bsc#1141785).
- CVE-2019-2821: Improve TLS negotiation (bsc#1141781).
- Certificate validation improvements
Non-security issues fixed:
- Do not fail installation when the manpages are not present (bsc#1115375)
- Backport upstream fix for JDK-8208602: Cannot read PEM X.509 cert if
there is whitespace after the header or footer (bsc#1140461)
Patchnames: SUSE-2019-2002,SUSE-SLE-Module-Basesystem-15-2019-2002,SUSE-SLE-Module-Basesystem-15-SP1-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2002
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.1 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
51 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-11-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-11-openjdk to version jdk-11.0.4+11 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).\n- CVE-2019-2762: Exceptional throw cases (bsc#1141782).\n- CVE-2019-2766: Improve file protocol handling (bsc#1141789).\n- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).\n- CVE-2019-2786: More limited privilege usage (bsc#1141787).\n- CVE-2019-7317: Improve PNG support options (bsc#1141780).\n- CVE-2019-2818: Better Poly1305 support (bsc#1141788).\n- CVE-2019-2816: Normalize normalization (bsc#1141785).\n- CVE-2019-2821: Improve TLS negotiation (bsc#1141781).\n- Certificate validation improvements\n\nNon-security issues fixed:\n\n- Do not fail installation when the manpages are not present (bsc#1115375)\n- Backport upstream fix for JDK-8208602: Cannot read PEM X.509 cert if\n there is whitespace after the header or footer (bsc#1140461)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2002,SUSE-SLE-Module-Basesystem-15-2019-2002,SUSE-SLE-Module-Basesystem-15-SP1-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2002,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2002",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2002-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2002-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2002-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1115375",
"url": "https://bugzilla.suse.com/1115375"
},
{
"category": "self",
"summary": "SUSE Bug 1140461",
"url": "https://bugzilla.suse.com/1140461"
},
{
"category": "self",
"summary": "SUSE Bug 1141780",
"url": "https://bugzilla.suse.com/1141780"
},
{
"category": "self",
"summary": "SUSE Bug 1141781",
"url": "https://bugzilla.suse.com/1141781"
},
{
"category": "self",
"summary": "SUSE Bug 1141782",
"url": "https://bugzilla.suse.com/1141782"
},
{
"category": "self",
"summary": "SUSE Bug 1141783",
"url": "https://bugzilla.suse.com/1141783"
},
{
"category": "self",
"summary": "SUSE Bug 1141784",
"url": "https://bugzilla.suse.com/1141784"
},
{
"category": "self",
"summary": "SUSE Bug 1141785",
"url": "https://bugzilla.suse.com/1141785"
},
{
"category": "self",
"summary": "SUSE Bug 1141787",
"url": "https://bugzilla.suse.com/1141787"
},
{
"category": "self",
"summary": "SUSE Bug 1141788",
"url": "https://bugzilla.suse.com/1141788"
},
{
"category": "self",
"summary": "SUSE Bug 1141789",
"url": "https://bugzilla.suse.com/1141789"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2745 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2762 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2766 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2769 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2786 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2816 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2818 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2821 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7317 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7317/"
}
],
"title": "Security update for java-11-openjdk",
"tracking": {
"current_release_date": "2019-07-29T11:00:36Z",
"generator": {
"date": "2019-07-29T11:00:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2002-1",
"initial_release_date": "2019-07-29T11:00:36Z",
"revision_history": [
{
"date": "2019-07-29T11:00:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-jmods-11.0.4.0-3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.aarch64",
"product": {
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.aarch64",
"product_id": "java-11-openjdk-src-11.0.4.0-3.33.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-demo-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-devel-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-headless-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-jmods-11.0.4.0-3.33.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.i586",
"product": {
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.i586",
"product_id": "java-11-openjdk-src-11.0.4.0-3.33.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.4.0-3.33.1.noarch",
"product": {
"name": "java-11-openjdk-javadoc-11.0.4.0-3.33.1.noarch",
"product_id": "java-11-openjdk-javadoc-11.0.4.0-3.33.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-jmods-11.0.4.0-3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.ppc64le",
"product": {
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.ppc64le",
"product_id": "java-11-openjdk-src-11.0.4.0-3.33.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-jmods-11.0.4.0-3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.s390x",
"product": {
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.s390x",
"product_id": "java-11-openjdk-src-11.0.4.0-3.33.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-accessibility-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-jmods-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-jmods-11.0.4.0-3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.x86_64",
"product": {
"name": "java-11-openjdk-src-11.0.4.0-3.33.1.x86_64",
"product_id": "java-11-openjdk-src-11.0.4.0-3.33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-2745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2745"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2745",
"url": "https://www.suse.com/security/cve/CVE-2019-2745"
},
{
"category": "external",
"summary": "SUSE Bug 1141784 for CVE-2019-2745",
"url": "https://bugzilla.suse.com/1141784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2745"
},
{
"cve": "CVE-2019-2762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2762"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2762",
"url": "https://www.suse.com/security/cve/CVE-2019-2762"
},
{
"category": "external",
"summary": "SUSE Bug 1141782 for CVE-2019-2762",
"url": "https://bugzilla.suse.com/1141782"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-2762",
"url": "https://bugzilla.suse.com/1147021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2762"
},
{
"cve": "CVE-2019-2766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2766"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2766",
"url": "https://www.suse.com/security/cve/CVE-2019-2766"
},
{
"category": "external",
"summary": "SUSE Bug 1141789 for CVE-2019-2766",
"url": "https://bugzilla.suse.com/1141789"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-2766",
"url": "https://bugzilla.suse.com/1147021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2766"
},
{
"cve": "CVE-2019-2769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2769"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2769",
"url": "https://www.suse.com/security/cve/CVE-2019-2769"
},
{
"category": "external",
"summary": "SUSE Bug 1141783 for CVE-2019-2769",
"url": "https://bugzilla.suse.com/1141783"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-2769",
"url": "https://bugzilla.suse.com/1147021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2769"
},
{
"cve": "CVE-2019-2786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2786"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2786",
"url": "https://www.suse.com/security/cve/CVE-2019-2786"
},
{
"category": "external",
"summary": "SUSE Bug 1141787 for CVE-2019-2786",
"url": "https://bugzilla.suse.com/1141787"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-2786",
"url": "https://bugzilla.suse.com/1147021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2786"
},
{
"cve": "CVE-2019-2816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2816"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2816",
"url": "https://www.suse.com/security/cve/CVE-2019-2816"
},
{
"category": "external",
"summary": "SUSE Bug 1141785 for CVE-2019-2816",
"url": "https://bugzilla.suse.com/1141785"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-2816",
"url": "https://bugzilla.suse.com/1147021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2816"
},
{
"cve": "CVE-2019-2818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2818"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2818",
"url": "https://www.suse.com/security/cve/CVE-2019-2818"
},
{
"category": "external",
"summary": "SUSE Bug 1141788 for CVE-2019-2818",
"url": "https://bugzilla.suse.com/1141788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2818"
},
{
"cve": "CVE-2019-2821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2821"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2821",
"url": "https://www.suse.com/security/cve/CVE-2019-2821"
},
{
"category": "external",
"summary": "SUSE Bug 1141781 for CVE-2019-2821",
"url": "https://bugzilla.suse.com/1141781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-2821"
},
{
"cve": "CVE-2019-7317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7317"
}
],
"notes": [
{
"category": "general",
"text": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7317",
"url": "https://www.suse.com/security/cve/CVE-2019-7317"
},
{
"category": "external",
"summary": "SUSE Bug 1124211 for CVE-2019-7317",
"url": "https://bugzilla.suse.com/1124211"
},
{
"category": "external",
"summary": "SUSE Bug 1135824 for CVE-2019-7317",
"url": "https://bugzilla.suse.com/1135824"
},
{
"category": "external",
"summary": "SUSE Bug 1141780 for CVE-2019-7317",
"url": "https://bugzilla.suse.com/1141780"
},
{
"category": "external",
"summary": "SUSE Bug 1147021 for CVE-2019-7317",
"url": "https://bugzilla.suse.com/1147021"
},
{
"category": "external",
"summary": "SUSE Bug 1165297 for CVE-2019-7317",
"url": "https://bugzilla.suse.com/1165297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-demo-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-devel-11.0.4.0-3.33.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:java-11-openjdk-headless-11.0.4.0-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-07-29T11:00:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-7317"
}
]
}
WID-SEC-W-2025-0149
Vulnerability from csaf_certbund - Published: 2019-07-16 22:00 - Updated: 2025-01-21 23:00Summary
Oracle Java SE: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Java Standard Edition (SE) Embedded ist die Laufzeitumgebung für die Java-Plattform des US-Unternehmens Oracle Corporation für Embedded Systems.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und Oracle Java SE Embedded ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Confidentiality", "Integrity" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Avaya Aura Utility Services
Avaya
|
cpe:/a:avaya:aura_utility_services:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
Oracle Java SE Embedded 8u211
Oracle / Java SE Embedded
|
cpe:/a:oracle:java_se_embedded:8u211
|
8u211 | |
|
Oracle Java SE 12.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:12.0.1
|
12.0.1 | |
|
Oracle Java SE 11.0.3
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.3
|
11.0.3 | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Oracle Java SE 7u221
Oracle / Java SE
|
cpe:/a:oracle:java_se:7u221
|
7u221 | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Java SE 8u212
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u212
|
8u212 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
References
40 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).\r\nJava Standard Edition (SE) Embedded ist die Laufzeitumgebung f\u00fcr die Java-Plattform des US-Unternehmens Oracle Corporation f\u00fcr Embedded Systems.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und Oracle Java SE Embedded ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0149 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2025-0149.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0149 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0149"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2019 vom 2019-07-16",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1810 vom 2019-07-22",
"url": "https://access.redhat.com/errata/RHSA-2019:1810"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1811 vom 2019-07-22",
"url": "https://access.redhat.com/errata/RHSA-2019:1811"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1815 vom 2019-07-22",
"url": "https://access.redhat.com/errata/RHSA-2019:1815"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1816 vom 2019-07-22",
"url": "https://access.redhat.com/errata/RHSA-2019:1816"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1817 vom 2019-07-22",
"url": "https://access.redhat.com/errata/RHSA-2019:1817"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1811 vom 2019-07-22",
"url": "http://linux.oracle.com/errata/ELSA-2019-1811.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4485 vom 2019-07-23",
"url": "http://www.debian.org/security/2019/dsa-4485"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4486 vom 2019-07-23",
"url": "http://www.debian.org/security/2019/dsa-4486"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1810 vom 2019-07-23",
"url": "http://linux.oracle.com/errata/ELSA-2019-1810.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1815 vom 2019-07-23",
"url": "http://linux.oracle.com/errata/ELSA-2019-1815.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1840 vom 2019-07-24",
"url": "https://access.redhat.com/errata/RHSA-2019:1840"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1839 vom 2019-07-24",
"url": "https://access.redhat.com/errata/RHSA-2019:1839"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1839 vom 2019-07-24",
"url": "http://linux.oracle.com/errata/ELSA-2019-1839.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1840 vom 2019-07-24",
"url": "http://linux.oracle.com/errata/ELSA-2019-1840.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1815 vom 2019-07-24",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1815-Moderate-CentOS-7-java-1-8-0-openjdk-Security-Update-tp4645613.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1839 vom 2019-07-24",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1839-Moderate-CentOS-7-java-1-7-0-openjdk-Security-Update-tp4645612.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1810 vom 2019-07-24",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1810-Moderate-CentOS-7-java-11-openjdk-Security-Update-tp4645611.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1840 vom 2019-07-24",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1840-Moderate-CentOS-6-java-1-7-0-openjdk-Security-Update-tp4645610.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1811 vom 2019-07-24",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1811-Moderate-CentOS-6-java-1-8-0-openjdk-Security-Update-tp4645609.html"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-117/index.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2002-1 vom 2019-07-29",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192002-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4080-1 vom 2019-07-31",
"url": "https://usn.ubuntu.com/4080-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2021-1 vom 2019-07-31",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192021-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2028-1 vom 2019-07-31",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192028-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4083-1 vom 2019-08-01",
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2036-1 vom 2019-08-02",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192036-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2036-2 vom 2019-08-17",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192036-2.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2590 vom 2019-09-02",
"url": "https://access.redhat.com/errata/RHSA-2019:2590"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2585 vom 2019-09-02",
"url": "https://access.redhat.com/errata/RHSA-2019:2585"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2592 vom 2019-09-02",
"url": "https://access.redhat.com/errata/RHSA-2019:2592"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14160-1 vom 2019-09-04",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914160-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2291-1 vom 2019-09-05",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192291-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2336-1 vom 2019-09-09",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192336-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2371-1 vom 2019-09-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192371-1.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory: ASA-2019-130 vom 2020-01-30",
"url": "https://downloads.avaya.com/css/P8/documents/101060118"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8 vom 2025-01-21",
"url": "https://github.com/corretto/corretto-8/blob/14eb6b297ac476ca5734706b40903e5a69ecd74a/CHANGELOG.md"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 11 vom 2025-01-21",
"url": "https://github.com/corretto/corretto-11/blob/ece67a968d57210c69d3b9153576613846c1cacf/CHANGELOG.md"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-21T23:00:00.000+00:00",
"generator": {
"date": "2025-01-22T09:47:52.944+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0149",
"initial_release_date": "2019-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-07-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat, Oracle Linux und Debian aufgenommen"
},
{
"date": "2019-07-22T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-07-23T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-07-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-07-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux und CentOS aufgenommen"
},
{
"date": "2019-07-25T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2019-07-29T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-07-30T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2019-07-31T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2019-08-01T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-08-18T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-09-02T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-09-04T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-09T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-12T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-01-30T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.0.26.4.1",
"product": {
"name": "Amazon Corretto \u003c11.0.26.4.1",
"product_id": "T040500"
}
},
{
"category": "product_version",
"name": "11.0.26.4.1",
"product": {
"name": "Amazon Corretto 11.0.26.4.1",
"product_id": "T040500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.26.4.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.442.06.1",
"product": {
"name": "Amazon Corretto \u003c8.442.06.1",
"product_id": "T040501"
}
},
{
"category": "product_version",
"name": "8.442.06.1",
"product": {
"name": "Amazon Corretto 8.442.06.1",
"product_id": "T040501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.442.06.1"
}
}
}
],
"category": "product_name",
"name": "Corretto"
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Utility Services",
"product": {
"name": "Avaya Aura Utility Services",
"product_id": "T015824",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_utility_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Breeze Platform",
"product": {
"name": "Avaya Breeze Platform",
"product_id": "T015823",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:breeze_platform:-"
}
}
},
{
"category": "product_name",
"name": "Avaya CMS",
"product": {
"name": "Avaya CMS",
"product_id": "997",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:call_management_system_server:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Session Border Controller",
"product": {
"name": "Avaya Session Border Controller",
"product_id": "T015520",
"product_identification_helper": {
"cpe": "cpe:/h:avaya:session_border_controller:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T010951",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8u212",
"product": {
"name": "Oracle Java SE 8u212",
"product_id": "T014652",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u212"
}
}
},
{
"category": "product_version",
"name": "7u221",
"product": {
"name": "Oracle Java SE 7u221",
"product_id": "T014653",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:7u221"
}
}
},
{
"category": "product_version",
"name": "11.0.3",
"product": {
"name": "Oracle Java SE 11.0.3",
"product_id": "T014654",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.3"
}
}
},
{
"category": "product_version",
"name": "12.0.1",
"product": {
"name": "Oracle Java SE 12.0.1",
"product_id": "T014655",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:12.0.1"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"branches": [
{
"category": "product_version",
"name": "8u211",
"product": {
"name": "Oracle Java SE Embedded 8u211",
"product_id": "T014656",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se_embedded:8u211"
}
}
}
],
"category": "product_name",
"name": "Java SE Embedded"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-2745",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2745"
},
{
"cve": "CVE-2019-2762",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2762"
},
{
"cve": "CVE-2019-2766",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2766"
},
{
"cve": "CVE-2019-2769",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2769"
},
{
"cve": "CVE-2019-2786",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2786"
},
{
"cve": "CVE-2019-2816",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2816"
},
{
"cve": "CVE-2019-2818",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2818"
},
{
"cve": "CVE-2019-2821",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2821"
},
{
"cve": "CVE-2019-2842",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-2842"
},
{
"cve": "CVE-2019-6129",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-6129"
},
{
"cve": "CVE-2019-7317",
"notes": [
{
"category": "description",
"text": "In Oracle Java SE und Oracle Java SE Embedded existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T015518",
"67646",
"T015516",
"T015824",
"T015823",
"T010951",
"T014656",
"T014655",
"T014654",
"T015127",
"T014653",
"T015126",
"T014652",
"T004914",
"T015520",
"2951",
"T002207",
"T000126",
"997",
"T040501",
"T040500",
"1727"
]
},
"release_date": "2019-07-16T22:00:00.000+00:00",
"title": "CVE-2019-7317"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…