Vulnerability-Lookup

URL	Tags
https://www.oracle.com/security-alerts/cpuoct2022.html
https://security.netapp.com/advisory/ntap-2022102…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://security.gentoo.org/glsa/202401-25

Vendor	Product	Version
Oracle Corporation	Java SE JDK and JRE	Affected: Oracle Java SE:8u341 Affected: Oracle Java SE:8u345-perf Affected: Oracle Java SE:11.0.16.1 Affected: Oracle Java SE:17.0.4.1 Affected: Oracle Java SE:19 Affected: Oracle GraalVM Enterprise Edition:20.3.7 Affected: Oracle GraalVM Enterprise Edition:21.3.3 Affected: Oracle GraalVM Enterprise Edition:22.2.0

CERTFR-2026-AVI-0199

Vulnerability from certfr_avis - Published: 2026-02-24 - Updated: 2026-02-24

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Telco Cloud Platform	Telco Cloud Platform versions 4.x et 5.x sans le correctif de sécurité KB428241
VMware	Tanzu Data Services	Tanzu Data Flow versions antérieures à 2.0.2 sur Tanzu Platform
VMware	Azure Spring Enterprise	Harbor Registry versions antérieures à 2.14.2
VMware	Tanzu Data Intelligence	Tanzu pour MySQL versions 2.0.0 sur Kubernetes
VMware	Cloud Foundation	Cloud Foundation versions 9.x antérieures à 9.0.2.0
VMware	Tanzu Kubernetes Runtime	App Metrics versions antérieures à2.3.3
VMware	Tanzu Data Intelligence	Tanzu GemFire versions antérieures à 2.6.1 sur Kubernetes
VMware	Tanzu Kubernetes Runtime	CredHub Secrets Management pour Tanzu Platform versions antérieures à 1.6.8
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 3.3.1 sur Kubernetes
VMware	Tanzu Operations Manager	Foundation Core pour Tanzu Platform versions antérieures à 3.2.4
VMware	Aria Operations	Aria Operations versions 8.x antérieures à 8.18.6
VMware	Tanzu Kubernetes Runtime	cf-mgmt pour Tanzu Platform versions antérieures à 1.0.108
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 9.0.1
VMware	Tanzu Kubernetes Runtime	Extended App Support pour Tanzu Platform versions antérieures à 1.0.15
VMware	Tanzu Data Intelligence	Tanzu GemFire Management versions antérieures à 1.4.3
VMware	Tanzu Kubernetes Runtime	NodeJS Buildpack versions antérieures à 1.8.77
VMware	Tanzu Kubernetes Runtime	Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.5
VMware	Cloud Foundation	Cloud Foundation versions 4.x et 5.x sans le correctif de sécurité KB92148
VMware	Tanzu Kubernetes Runtime	AI Services pour Tanzu Platform versions antérieures à 10.3.4
VMware	Tanzu Kubernetes Runtime	Java Buildpack versions antérieures à 4.89.0
VMware	Telco Cloud Infrastructure	Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB428241
VMware	Tanzu Kubernetes Runtime	Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5

References

Title

Publication Time

CERTFR-2026-AVI-0249

Vulnerability from certfr_avis - Published: 2026-03-06 - Updated: 2026-03-06

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	QRadar	QRadar Data Synchronization App versions antérieures à 3.3.0
IBM	Db2	DB2 Data Management Console versions antérieures à 3.1.13
IBM	Tivoli	Tivoli Netcool/OMNIbus_GUI sans le dernier correctif de sécurité
IBM	Db2	DB2 Recovery Expert versions antérieures à 5.5.0.1 Interim Fix 8
IBM	Db2	Db2 Warehouse on Cloud Pak for Data versions antérieures à 5.3.1
IBM	Db2	Db2 on Cloud Pak for Data versions antérieures à 5.3.1
IBM	QRadar	QRadar Pre-Validation App versions antérieures à 2.0.2

References

Title

Publication Time

FKIE_CVE-2022-21624

Vulnerability from fkie_nvd - Published: 2022-10-18 21:15 - Updated: 2026-05-27 17:16

Severity

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

References

URL	Tags
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/	Mailing List, Third Party Advisory
secalert_us@oracle.com	https://security.gentoo.org/glsa/202401-25
secalert_us@oracle.com	https://security.netapp.com/advisory/ntap-20221028-0012/	Third Party Advisory
secalert_us@oracle.com	https://www.oracle.com/security-alerts/cpuoct2022.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202401-25
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20221028-0012/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2022.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
oracle	graalvm	20.3.7
oracle	graalvm	21.3.3
oracle	graalvm	22.2.0
oracle	jdk	1.8.0
oracle	jdk	1.8.0
oracle	jdk	11.0.16.1
oracle	jdk	17.0.4.1
oracle	jdk	19
oracle	jre	1.8.0
oracle	jre	1.8.0
oracle	jre	11.0.16.1
oracle	jre	17.0.4.1
oracle	jre	19
fedoraproject	fedora	35
fedoraproject	fedora	36
netapp	7-mode_transition_tool	-
netapp	cloud_insights_acquisition_unit	-
netapp	cloud_secure_agent	-
netapp	e-series_santricity_os_controller	*
netapp	e-series_santricity_storage_manager	-
netapp	e-series_santricity_unified_manager	-
netapp	oncommand_insight	-
netapp	oncommand_workflow_automation	-
netapp	santricity_storage_plugin	-
netapp	santricity_web_services_proxy	-
azul	zulu	6.49
azul	zulu	7.56
azul	zulu	8.64
azul	zulu	11.58
azul	zulu	13.50
azul	zulu	15.42
azul	zulu	17.36
azul	zulu	19.28

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:20.3.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "0DDD4602-7175-4DB6-B9D9-E7CDF482D263",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:21.3.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "71668668-8383-4366-A184-F26455271914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:22.2.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C99B4F5D-3784-42B8-89CA-CDD2AA86B80E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update341:*:*:*:*:*:*",
              "matchCriteriaId": "EC1EEFCE-432E-40EE-B547-A193896C4CA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update345:*:*:enterprise_performance_pack:*:*:*",
              "matchCriteriaId": "FB70CB5F-AABC-4CF2-B17E-D9C8D1E22F1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:11.0.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13BD2F4-05F5-44FD-A217-2049CA5E680B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:17.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05CB121D-1430-47CE-BF7B-9567A234C7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:19:*:*:*:*:*:*:*",
              "matchCriteriaId": "361979FB-5B05-46A5-A6A2-993B51DF9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update341:*:*:*:*:*:*",
              "matchCriteriaId": "94F132CF-6D24-4E80-B959-7ED1F247C3D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update345:*:*:enterprise_performance_pack:*:*:*",
              "matchCriteriaId": "B472E91E-F08F-4CBB-8FDB-37F8EDFB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:11.0.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A04E21-5FCB-4DA7-873A-2FE3AA713669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:17.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF1C861-79F0-47F8-96E9-6AE0AEFDEC8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:19:*:*:*:*:*:*:*",
              "matchCriteriaId": "435B90D6-F0BE-4451-867B-C31116D52A9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EF6650C-558D-45C8-AE7D-136EE70CB6D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0DA944C-4992-424D-BC82-474585DAC5DF",
              "versionEndIncluding": "11.70.2",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB695329-036B-447D-BEB0-AA4D89D1D99C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*",
              "matchCriteriaId": "82E94B87-065E-475F-815C-F49978CE22FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:santricity_web_services_proxy:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84007013-7E55-40E3-94F7-55C04D69AE3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:azul:zulu:6.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCB7D337-B3E6-4BCE-8249-0473D2DE08BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:7.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "285FB110-9501-4F23-BC21-B2EE1E1B82BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:8.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB77FECF-07E1-448E-86F2-DD78B443D7C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:11.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "9323C11D-50C6-4356-A2FF-294F750906AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:13.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC373919-C38D-4E22-A52D-BA9074E88124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:15.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7832CA7-569F-4C01-991C-F74F24CC2A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:17.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2878A5A-63FA-4681-8643-D47DA6E9011F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:azul:zulu:19.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "B394E478-B822-488E-B74B-F46C4DB2B1A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: JNDI). Las versiones soportadas que est\u00e1n afectadas son Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 y 22.2.0. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante no autenticado con acceso a la red por medio de m\u00faltiples protocolos comprometer a Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una actualizaci\u00f3n no autorizada, insertar o eliminar el acceso a algunos de los datos accesibles de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad es aplicada a las implantaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start con sandbox o applets Java con sandbox, que cargan y ejecutan c\u00f3digo que no es confiable (por ejemplo, c\u00f3digo que viene de Internet) y dependen del sandbox de Java para la seguridad. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante el uso de APIs en el Componente especificado, por ejemplo, mediante un servicio web que suministra datos a las APIs. CVSS 3.1 Puntuaci\u00f3n Base 3.7 (Impactos en la Integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)"
    }
  ],
  "id": "CVE-2022-21624",
  "lastModified": "2026-05-27T17:16:25.927",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "secalert_us@oracle.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-10-18T21:15:13.657",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://security.gentoo.org/glsa/202401-25"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20221028-0012/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/202401-25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20221028-0012/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2022.html"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-H547-5JPH-P9QQ

Vulnerability from github – Published: 2022-10-19 12:00 – Updated: 2026-05-27 18:31

Details

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

Severity

3.7 (Low)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-21624"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-18T21:15:00Z",
    "severity": "LOW"
  },
  "details": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
  "id": "GHSA-h547-5jph-p9qq",
  "modified": "2026-05-27T18:31:34Z",
  "published": "2022-10-19T12:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21624"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-25"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20221028-0012"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-21624

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

Aliases

CVE-2022-21624

Aliases

CVE-2022-21624

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-21624",
    "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
    "id": "GSD-2022-21624",
    "references": [
      "https://advisories.mageia.org/CVE-2022-21624.html",
      "https://access.redhat.com/errata/RHSA-2022:6999",
      "https://access.redhat.com/errata/RHSA-2022:7000",
      "https://access.redhat.com/errata/RHSA-2022:7001",
      "https://access.redhat.com/errata/RHSA-2022:7002",
      "https://access.redhat.com/errata/RHSA-2022:7003",
      "https://access.redhat.com/errata/RHSA-2022:7004",
      "https://access.redhat.com/errata/RHSA-2022:7005",
      "https://access.redhat.com/errata/RHSA-2022:7006",
      "https://access.redhat.com/errata/RHSA-2022:7007",
      "https://access.redhat.com/errata/RHSA-2022:7008",
      "https://access.redhat.com/errata/RHSA-2022:7009",
      "https://access.redhat.com/errata/RHSA-2022:7010",
      "https://access.redhat.com/errata/RHSA-2022:7011",
      "https://access.redhat.com/errata/RHSA-2022:7012",
      "https://access.redhat.com/errata/RHSA-2022:7013",
      "https://access.redhat.com/errata/RHSA-2022:7049",
      "https://access.redhat.com/errata/RHSA-2022:7050",
      "https://access.redhat.com/errata/RHSA-2022:7051",
      "https://access.redhat.com/errata/RHSA-2022:7052",
      "https://access.redhat.com/errata/RHSA-2022:7053",
      "https://access.redhat.com/errata/RHSA-2022:7054",
      "https://access.redhat.com/errata/RHSA-2022:8880",
      "https://access.redhat.com/errata/RHSA-2023:0128",
      "https://www.suse.com/security/cve/CVE-2022-21624.html",
      "https://ubuntu.com/security/CVE-2022-21624",
      "https://alas.aws.amazon.com/cve/html/CVE-2022-21624.html",
      "https://www.debian.org/security/2023/dsa-5331",
      "https://www.debian.org/security/2023/dsa-5335"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-21624"
      ],
      "details": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
      "id": "GSD-2022-21624",
      "modified": "2023-12-13T01:19:15.046551Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2022-21624",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Java SE JDK and JRE",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "Oracle Java SE:8u341"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle Java SE:8u345-perf"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle Java SE:11.0.16.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle Java SE:17.0.4.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle Java SE:19"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle GraalVM Enterprise Edition:20.3.7"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle GraalVM Enterprise Edition:21.3.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "Oracle GraalVM Enterprise Edition:22.2.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Oracle Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2022.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20221028-0012/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20221028-0012/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"
          },
          {
            "name": "https://security.gentoo.org/glsa/202401-25",
            "refsource": "MISC",
            "url": "https://security.gentoo.org/glsa/202401-25"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:oracle:graalvm:20.3.7:*:*:*:enterprise:*:*:*",
                    "matchCriteriaId": "0DDD4602-7175-4DB6-B9D9-E7CDF482D263",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:graalvm:21.3.3:*:*:*:enterprise:*:*:*",
                    "matchCriteriaId": "71668668-8383-4366-A184-F26455271914",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:graalvm:22.2.0:*:*:*:enterprise:*:*:*",
                    "matchCriteriaId": "C99B4F5D-3784-42B8-89CA-CDD2AA86B80E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update341:*:*:*:*:*:*",
                    "matchCriteriaId": "EC1EEFCE-432E-40EE-B547-A193896C4CA4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update345:*:*:enterprise_performance_pack:*:*:*",
                    "matchCriteriaId": "FB70CB5F-AABC-4CF2-B17E-D9C8D1E22F1F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jdk:11.0.16.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C13BD2F4-05F5-44FD-A217-2049CA5E680B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jdk:17.0.4.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "05CB121D-1430-47CE-BF7B-9567A234C7D3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jdk:19:*:*:*:*:*:*:*",
                    "matchCriteriaId": "361979FB-5B05-46A5-A6A2-993B51DF9E44",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update341:*:*:*:*:*:*",
                    "matchCriteriaId": "94F132CF-6D24-4E80-B959-7ED1F247C3D5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update345:*:*:enterprise_performance_pack:*:*:*",
                    "matchCriteriaId": "B472E91E-F08F-4CBB-8FDB-37F8EDFB602E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jre:11.0.16.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "99A04E21-5FCB-4DA7-873A-2FE3AA713669",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jre:17.0.4.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DCF1C861-79F0-47F8-96E9-6AE0AEFDEC8A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:jre:19:*:*:*:*:*:*:*",
                    "matchCriteriaId": "435B90D6-F0BE-4451-867B-C31116D52A9C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7EF6650C-558D-45C8-AE7D-136EE70CB6D7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A0DA944C-4992-424D-BC82-474585DAC5DF",
                    "versionEndIncluding": "11.70.2",
                    "versionStartIncluding": "11.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BB695329-036B-447D-BEB0-AA4D89D1D99C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*",
                    "matchCriteriaId": "82E94B87-065E-475F-815C-F49978CE22FC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:santricity_web_services_proxy:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "84007013-7E55-40E3-94F7-55C04D69AE3C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:6.49:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DCB7D337-B3E6-4BCE-8249-0473D2DE08BC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:7.56:*:*:*:*:*:*:*",
                    "matchCriteriaId": "285FB110-9501-4F23-BC21-B2EE1E1B82BA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:8.64:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FB77FECF-07E1-448E-86F2-DD78B443D7C0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:11.58:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9323C11D-50C6-4356-A2FF-294F750906AE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:13.50:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DC373919-C38D-4E22-A52D-BA9074E88124",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:15.42:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E7832CA7-569F-4C01-991C-F74F24CC2A01",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:17.36:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F2878A5A-63FA-4681-8643-D47DA6E9011F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:azul:zulu:19.28:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B394E478-B822-488E-B74B-F46C4DB2B1A5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: JNDI). Las versiones soportadas que est\u00e1n afectadas son Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 y 22.2.0. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante no autenticado con acceso a la red por medio de m\u00faltiples protocolos comprometer a Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una actualizaci\u00f3n no autorizada, insertar o eliminar el acceso a algunos de los datos accesibles de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad es aplicada a las implantaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start con sandbox o applets Java con sandbox, que cargan y ejecutan c\u00f3digo que no es confiable (por ejemplo, c\u00f3digo que viene de Internet) y dependen del sandbox de Java para la seguridad. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante el uso de APIs en el Componente especificado, por ejemplo, mediante un servicio web que suministra datos a las APIs. CVSS 3.1 Puntuaci\u00f3n Base 3.7 (Impactos en la Integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)"
          }
        ],
        "id": "CVE-2022-21624",
        "lastModified": "2024-01-17T15:15:09.310",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.2,
              "impactScore": 1.4,
              "source": "secalert_us@oracle.com",
              "type": "Primary"
            }
          ]
        },
        "published": "2022-10-18T21:15:13.657",
        "references": [
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"
          },
          {
            "source": "secalert_us@oracle.com",
            "url": "https://security.gentoo.org/glsa/202401-25"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221028-0012/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2022.html"
          }
        ],
        "sourceIdentifier": "secalert_us@oracle.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

MSRC_CVE-2022-21624

Vulnerability from csaf_microsoft - Published: 2022-10-02 00:00 - Updated: 2025-10-01 23:11

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2022-21624

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 16968-16820		—

Known affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 16820-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2022/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2022/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2022-21624 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-21624.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web",
    "tracking": {
      "current_release_date": "2025-10-01T23:11:15.000Z",
      "generator": {
        "date": "2025-12-27T17:27:57.933Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2022-21624",
      "initial_release_date": "2022-10-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-10-01T23:11:15.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 openjdk8 1.8.0.332-2",
                "product": {
                  "name": "\u003ccm1 openjdk8 1.8.0.332-2",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 openjdk8 1.8.0.332-2",
                "product": {
                  "name": "cm1 openjdk8 1.8.0.332-2",
                  "product_id": "16968"
                }
              }
            ],
            "category": "product_name",
            "name": "openjdk8"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 openjdk8 1.8.0.332-2 as a component of CBL Mariner 1.0",
          "product_id": "16820-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 openjdk8 1.8.0.332-2 as a component of CBL Mariner 1.0",
          "product_id": "16968-16820"
        },
        "product_reference": "16968",
        "relates_to_product_reference": "16820"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21624",
      "notes": [
        {
          "category": "general",
          "text": "oracle",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "16968-16820"
        ],
        "known_affected": [
          "16820-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-21624 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-21624.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T23:11:15.000Z",
          "details": "1.8.0.332-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 3.7,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "16820-1"
          ]
        }
      ],
      "title": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web"
    }
  ]
}

OPENSUSE-SU-2024:12431-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

java-11-openjdk-11.0.17.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: java-11-openjdk-11.0.17.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the java-11-openjdk-11.0.17.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-12431

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2022-21618

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21619

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21624

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21626

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21628

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-39399

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

References

26 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2022-21618/	self
https://www.suse.com/security/cve/CVE-2022-21619/	self
https://www.suse.com/security/cve/CVE-2022-21624/	self
https://www.suse.com/security/cve/CVE-2022-21626/	self
https://www.suse.com/security/cve/CVE-2022-21628/	self
https://www.suse.com/security/cve/CVE-2022-39399/	self
https://www.suse.com/security/cve/CVE-2022-21618	external
https://bugzilla.suse.com/1204468	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21619	external
https://bugzilla.suse.com/1204473	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21624	external
https://bugzilla.suse.com/1204475	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21626	external
https://bugzilla.suse.com/1204471	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21628	external
https://bugzilla.suse.com/1204472	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-39399	external
https://bugzilla.suse.com/1204480	external
https://bugzilla.suse.com/1205302	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "java-11-openjdk-11.0.17.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the java-11-openjdk-11.0.17.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-12431",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12431-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21618 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21619 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21619/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21624 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21624/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21626 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21626/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21628 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21628/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-39399 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-39399/"
      }
    ],
    "title": "java-11-openjdk-11.0.17.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:12431-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-demo-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-devel-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-headless-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-jmods-11.0.17.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.17.0-1.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-src-11.0.17.0-1.1.aarch64",
                  "product_id": "java-11-openjdk-src-11.0.17.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-demo-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-devel-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-headless-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
                  "product_id": "java-11-openjdk-src-11.0.17.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-accessibility-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-demo-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-devel-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-headless-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-javadoc-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-jmods-11.0.17.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.17.0-1.1.s390x",
                "product": {
                  "name": "java-11-openjdk-src-11.0.17.0-1.1.s390x",
                  "product_id": "java-11-openjdk-src-11.0.17.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-demo-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-devel-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-headless-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-jmods-11.0.17.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.17.0-1.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-src-11.0.17.0-1.1.x86_64",
                  "product_id": "java-11-openjdk-src-11.0.17.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-demo-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-devel-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-headless-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-jmods-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-jmods-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-jmods-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-src-11.0.17.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64"
        },
        "product_reference": "java-11-openjdk-src-11.0.17.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-src-11.0.17.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-src-11.0.17.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x"
        },
        "product_reference": "java-11-openjdk-src-11.0.17.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-src-11.0.17.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        },
        "product_reference": "java-11-openjdk-src-11.0.17.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21618",
          "url": "https://www.suse.com/security/cve/CVE-2022-21618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204468 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1204468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21618"
    },
    {
      "cve": "CVE-2022-21619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21619",
          "url": "https://www.suse.com/security/cve/CVE-2022-21619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204473 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1204473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21619"
    },
    {
      "cve": "CVE-2022-21624",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21624"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21624",
          "url": "https://www.suse.com/security/cve/CVE-2022-21624"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204475 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1204475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21624"
    },
    {
      "cve": "CVE-2022-21626",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21626"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21626",
          "url": "https://www.suse.com/security/cve/CVE-2022-21626"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204471 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1204471"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21626"
    },
    {
      "cve": "CVE-2022-21628",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21628"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21628",
          "url": "https://www.suse.com/security/cve/CVE-2022-21628"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204472 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1204472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21628"
    },
    {
      "cve": "CVE-2022-39399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-39399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
          "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-39399",
          "url": "https://www.suse.com/security/cve/CVE-2022-39399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204480 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1204480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.17.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.s390x",
            "openSUSE Tumbleweed:java-11-openjdk-src-11.0.17.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-39399"
    }
  ]
}

OPENSUSE-SU-2024:12432-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

java-17-openjdk-17.0.5.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: java-17-openjdk-17.0.5.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the java-17-openjdk-17.0.5.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-12432

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2022-21618

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21619

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21624

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21628

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-39399

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

References

22 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2022-21618/	self
https://www.suse.com/security/cve/CVE-2022-21619/	self
https://www.suse.com/security/cve/CVE-2022-21624/	self
https://www.suse.com/security/cve/CVE-2022-21628/	self
https://www.suse.com/security/cve/CVE-2022-39399/	self
https://www.suse.com/security/cve/CVE-2022-21618	external
https://bugzilla.suse.com/1204468	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21619	external
https://bugzilla.suse.com/1204473	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21624	external
https://bugzilla.suse.com/1204475	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21628	external
https://bugzilla.suse.com/1204472	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-39399	external
https://bugzilla.suse.com/1204480	external
https://bugzilla.suse.com/1205302	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "java-17-openjdk-17.0.5.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the java-17-openjdk-17.0.5.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-12432",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12432-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21618 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21619 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21619/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21624 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21624/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21628 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21628/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-39399 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-39399/"
      }
    ],
    "title": "java-17-openjdk-17.0.5.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:12432-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-17-openjdk-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-demo-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-devel-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-headless-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-jmods-17.0.5.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-src-17.0.5.0-1.1.aarch64",
                "product": {
                  "name": "java-17-openjdk-src-17.0.5.0-1.1.aarch64",
                  "product_id": "java-17-openjdk-src-17.0.5.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-17-openjdk-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-demo-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-devel-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-headless-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
                "product": {
                  "name": "java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
                  "product_id": "java-17-openjdk-src-17.0.5.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-17-openjdk-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-accessibility-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-demo-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-demo-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-demo-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-devel-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-devel-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-devel-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-headless-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-headless-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-headless-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-javadoc-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-jmods-17.0.5.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-src-17.0.5.0-1.1.s390x",
                "product": {
                  "name": "java-17-openjdk-src-17.0.5.0-1.1.s390x",
                  "product_id": "java-17-openjdk-src-17.0.5.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-17-openjdk-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-demo-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-devel-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-headless-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-jmods-17.0.5.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-17-openjdk-src-17.0.5.0-1.1.x86_64",
                "product": {
                  "name": "java-17-openjdk-src-17.0.5.0-1.1.x86_64",
                  "product_id": "java-17-openjdk-src-17.0.5.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-demo-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-demo-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-demo-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-demo-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-demo-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-devel-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-devel-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-devel-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-devel-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-devel-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-headless-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-headless-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-headless-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-headless-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-headless-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-jmods-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-jmods-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-jmods-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-src-17.0.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64"
        },
        "product_reference": "java-17-openjdk-src-17.0.5.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-src-17.0.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le"
        },
        "product_reference": "java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-src-17.0.5.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x"
        },
        "product_reference": "java-17-openjdk-src-17.0.5.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-17-openjdk-src-17.0.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        },
        "product_reference": "java-17-openjdk-src-17.0.5.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21618",
          "url": "https://www.suse.com/security/cve/CVE-2022-21618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204468 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1204468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21618"
    },
    {
      "cve": "CVE-2022-21619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21619",
          "url": "https://www.suse.com/security/cve/CVE-2022-21619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204473 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1204473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21619"
    },
    {
      "cve": "CVE-2022-21624",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21624"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21624",
          "url": "https://www.suse.com/security/cve/CVE-2022-21624"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204475 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1204475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21624"
    },
    {
      "cve": "CVE-2022-21628",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21628"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21628",
          "url": "https://www.suse.com/security/cve/CVE-2022-21628"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204472 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1204472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21628"
    },
    {
      "cve": "CVE-2022-39399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-39399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
          "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-39399",
          "url": "https://www.suse.com/security/cve/CVE-2022-39399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204480 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1204480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.5.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.s390x",
            "openSUSE Tumbleweed:java-17-openjdk-src-17.0.5.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-39399"
    }
  ]
}

OPENSUSE-SU-2024:12441-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

java-13-openjdk-13.0.13.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: java-13-openjdk-13.0.13.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the java-13-openjdk-13.0.13.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-12441

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2022-21618

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21619

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21624

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21626

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21628

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-39399

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

References

26 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2022-21618/	self
https://www.suse.com/security/cve/CVE-2022-21619/	self
https://www.suse.com/security/cve/CVE-2022-21624/	self
https://www.suse.com/security/cve/CVE-2022-21626/	self
https://www.suse.com/security/cve/CVE-2022-21628/	self
https://www.suse.com/security/cve/CVE-2022-39399/	self
https://www.suse.com/security/cve/CVE-2022-21618	external
https://bugzilla.suse.com/1204468	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21619	external
https://bugzilla.suse.com/1204473	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21624	external
https://bugzilla.suse.com/1204475	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21626	external
https://bugzilla.suse.com/1204471	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21628	external
https://bugzilla.suse.com/1204472	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-39399	external
https://bugzilla.suse.com/1204480	external
https://bugzilla.suse.com/1205302	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "java-13-openjdk-13.0.13.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the java-13-openjdk-13.0.13.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-12441",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12441-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21618 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21619 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21619/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21624 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21624/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21626 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21626/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21628 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21628/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-39399 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-39399/"
      }
    ],
    "title": "java-13-openjdk-13.0.13.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:12441-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-13-openjdk-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-demo-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-devel-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-headless-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-jmods-13.0.13.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-src-13.0.13.0-1.1.aarch64",
                "product": {
                  "name": "java-13-openjdk-src-13.0.13.0-1.1.aarch64",
                  "product_id": "java-13-openjdk-src-13.0.13.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-13-openjdk-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-demo-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-devel-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-headless-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
                "product": {
                  "name": "java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
                  "product_id": "java-13-openjdk-src-13.0.13.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-13-openjdk-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-accessibility-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-demo-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-demo-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-demo-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-devel-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-devel-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-devel-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-headless-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-headless-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-headless-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-javadoc-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-jmods-13.0.13.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-src-13.0.13.0-1.1.s390x",
                "product": {
                  "name": "java-13-openjdk-src-13.0.13.0-1.1.s390x",
                  "product_id": "java-13-openjdk-src-13.0.13.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-13-openjdk-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-demo-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-devel-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-headless-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-jmods-13.0.13.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-13-openjdk-src-13.0.13.0-1.1.x86_64",
                "product": {
                  "name": "java-13-openjdk-src-13.0.13.0-1.1.x86_64",
                  "product_id": "java-13-openjdk-src-13.0.13.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-demo-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-demo-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-demo-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-demo-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-demo-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-devel-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-devel-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-devel-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-devel-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-devel-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-headless-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-headless-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-headless-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-headless-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-headless-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-jmods-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-jmods-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-jmods-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-src-13.0.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64"
        },
        "product_reference": "java-13-openjdk-src-13.0.13.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-src-13.0.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le"
        },
        "product_reference": "java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-src-13.0.13.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x"
        },
        "product_reference": "java-13-openjdk-src-13.0.13.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-13-openjdk-src-13.0.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        },
        "product_reference": "java-13-openjdk-src-13.0.13.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21618",
          "url": "https://www.suse.com/security/cve/CVE-2022-21618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204468 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1204468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21618"
    },
    {
      "cve": "CVE-2022-21619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21619",
          "url": "https://www.suse.com/security/cve/CVE-2022-21619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204473 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1204473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21619"
    },
    {
      "cve": "CVE-2022-21624",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21624"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21624",
          "url": "https://www.suse.com/security/cve/CVE-2022-21624"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204475 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1204475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21624"
    },
    {
      "cve": "CVE-2022-21626",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21626"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21626",
          "url": "https://www.suse.com/security/cve/CVE-2022-21626"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204471 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1204471"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21626"
    },
    {
      "cve": "CVE-2022-21628",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21628"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21628",
          "url": "https://www.suse.com/security/cve/CVE-2022-21628"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204472 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1204472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21628"
    },
    {
      "cve": "CVE-2022-39399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-39399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
          "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-39399",
          "url": "https://www.suse.com/security/cve/CVE-2022-39399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204480 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1204480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.13.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.s390x",
            "openSUSE Tumbleweed:java-13-openjdk-src-13.0.13.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-39399"
    }
  ]
}

OPENSUSE-SU-2024:12442-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

java-15-openjdk-15.0.9.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: java-15-openjdk-15.0.9.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the java-15-openjdk-15.0.9.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-12442

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2022-21618

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21619

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21624

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-21626

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-21628

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-39399

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 32 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

References

26 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2022-21618/	self
https://www.suse.com/security/cve/CVE-2022-21619/	self
https://www.suse.com/security/cve/CVE-2022-21624/	self
https://www.suse.com/security/cve/CVE-2022-21626/	self
https://www.suse.com/security/cve/CVE-2022-21628/	self
https://www.suse.com/security/cve/CVE-2022-39399/	self
https://www.suse.com/security/cve/CVE-2022-21618	external
https://bugzilla.suse.com/1204468	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21619	external
https://bugzilla.suse.com/1204473	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21624	external
https://bugzilla.suse.com/1204475	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21626	external
https://bugzilla.suse.com/1204471	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-21628	external
https://bugzilla.suse.com/1204472	external
https://bugzilla.suse.com/1205302	external
https://www.suse.com/security/cve/CVE-2022-39399	external
https://bugzilla.suse.com/1204480	external
https://bugzilla.suse.com/1205302	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "java-15-openjdk-15.0.9.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the java-15-openjdk-15.0.9.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-12442",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12442-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21618 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21619 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21619/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21624 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21624/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21626 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21626/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21628 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21628/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-39399 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-39399/"
      }
    ],
    "title": "java-15-openjdk-15.0.9.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:12442-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-15-openjdk-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-demo-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-devel-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-headless-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-jmods-15.0.9.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-src-15.0.9.0-1.1.aarch64",
                "product": {
                  "name": "java-15-openjdk-src-15.0.9.0-1.1.aarch64",
                  "product_id": "java-15-openjdk-src-15.0.9.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-15-openjdk-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-demo-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-devel-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-headless-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
                "product": {
                  "name": "java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
                  "product_id": "java-15-openjdk-src-15.0.9.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-15-openjdk-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-accessibility-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-demo-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-demo-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-demo-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-devel-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-devel-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-devel-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-headless-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-headless-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-headless-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-javadoc-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-jmods-15.0.9.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-src-15.0.9.0-1.1.s390x",
                "product": {
                  "name": "java-15-openjdk-src-15.0.9.0-1.1.s390x",
                  "product_id": "java-15-openjdk-src-15.0.9.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-15-openjdk-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-demo-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-devel-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-headless-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-jmods-15.0.9.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-15-openjdk-src-15.0.9.0-1.1.x86_64",
                "product": {
                  "name": "java-15-openjdk-src-15.0.9.0-1.1.x86_64",
                  "product_id": "java-15-openjdk-src-15.0.9.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-demo-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-demo-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-demo-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-demo-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-demo-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-devel-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-devel-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-devel-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-devel-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-devel-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-headless-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-headless-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-headless-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-headless-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-headless-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-jmods-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-jmods-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-jmods-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-src-15.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64"
        },
        "product_reference": "java-15-openjdk-src-15.0.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-src-15.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le"
        },
        "product_reference": "java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-src-15.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x"
        },
        "product_reference": "java-15-openjdk-src-15.0.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-15-openjdk-src-15.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        },
        "product_reference": "java-15-openjdk-src-15.0.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21618",
          "url": "https://www.suse.com/security/cve/CVE-2022-21618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204468 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1204468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21618",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21618"
    },
    {
      "cve": "CVE-2022-21619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21619",
          "url": "https://www.suse.com/security/cve/CVE-2022-21619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204473 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1204473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21619",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21619"
    },
    {
      "cve": "CVE-2022-21624",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21624"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21624",
          "url": "https://www.suse.com/security/cve/CVE-2022-21624"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204475 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1204475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21624",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-21624"
    },
    {
      "cve": "CVE-2022-21626",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21626"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21626",
          "url": "https://www.suse.com/security/cve/CVE-2022-21626"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204471 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1204471"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21626",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21626"
    },
    {
      "cve": "CVE-2022-21628",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21628"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21628",
          "url": "https://www.suse.com/security/cve/CVE-2022-21628"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204472 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1204472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-21628",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21628"
    },
    {
      "cve": "CVE-2022-39399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-39399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
          "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-39399",
          "url": "https://www.suse.com/security/cve/CVE-2022-39399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204480 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1204480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205302 for CVE-2022-39399",
          "url": "https://bugzilla.suse.com/1205302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.9.0-1.1.x86_64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.s390x",
            "openSUSE Tumbleweed:java-15-openjdk-src-15.0.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-39399"
    }
  ]
}

CVE-2022-21624 (GCVE-0-2022-21624)

Tags

Sightings

Nomenclature

Action not permitted

CVE-2022-21624 (GCVE-0-2022-21624)

Solutions

Solutions

Tags

Sightings

Nomenclature