Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-34169 (GCVE-0-2022-34169)
Vulnerability from cvelistv5 – Published: 2022-07-19 00:00 – Updated: 2026-05-27 12:51
VLAI
EPSS
Title
Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
Summary
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- integer truncation
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
24 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Xalan-J |
Affected:
Xalan-J , ≤ 2.7.2
(custom)
|
Credits
Reported by Felix Wilhelm, Google Project Zero
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"
},
{
"name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/6"
},
{
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/2"
},
{
"name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/3"
},
{
"name": "DSA-5188",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5188"
},
{
"name": "DSA-5192",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5192"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0009/"
},
{
"name": "FEDORA-2022-19b6f21746",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"
},
{
"name": "FEDORA-2022-ae563934f7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"
},
{
"name": "FEDORA-2022-e573851f56",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"
},
{
"name": "FEDORA-2022-d26586b419",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"
},
{
"name": "FEDORA-2022-80afe2304a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"
},
{
"name": "FEDORA-2022-b76ab52e73",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"
},
{
"name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/18/2"
},
{
"name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"
},
{
"name": "DSA-5256",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5256"
},
{
"name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/04/8"
},
{
"name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-25"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-34169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:24:49.067251Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T12:51:15.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Xalan-J",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.7.2",
"status": "affected",
"version": "Xalan-J",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported by Felix Wilhelm, Google Project Zero"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer truncation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:07:47.103Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"
},
{
"url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"
},
{
"name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/5"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/6"
},
{
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/2"
},
{
"name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/3"
},
{
"name": "DSA-5188",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5188"
},
{
"name": "DSA-5192",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5192"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220729-0009/"
},
{
"name": "FEDORA-2022-19b6f21746",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"
},
{
"name": "FEDORA-2022-ae563934f7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"
},
{
"name": "FEDORA-2022-e573851f56",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"
},
{
"name": "FEDORA-2022-d26586b419",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"
},
{
"name": "FEDORA-2022-80afe2304a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"
},
{
"name": "FEDORA-2022-b76ab52e73",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"
},
{
"url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"
},
{
"name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/18/2"
},
{
"name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"
},
{
"name": "DSA-5256",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5256"
},
{
"name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/04/8"
},
{
"name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"
},
{
"url": "https://security.gentoo.org/glsa/202401-25"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-34169",
"datePublished": "2022-07-19T00:00:00.000Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2026-05-27T12:51:15.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-34169",
"date": "2026-06-04",
"epss": "0.10953",
"percentile": "0.93547"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-34169\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2022-07-19T18:15:11.740\",\"lastModified\":\"2026-05-27T14:16:39.110\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\"},{\"lang\":\"es\",\"value\":\"La biblioteca Apache Xalan Java XSLT es vulnerable a un problema de truncamiento de enteros cuando procesa hojas de estilo XSLT maliciosas. Esto puede usarse para corromper los archivos de clase Java generados por el compilador interno XSLTC y ejecutar c\u00f3digo de bytes Java arbitrario. El proyecto Apache Xalan Java est\u00e1 inactivo y en proceso de ser retirado. No son esperadas futuras versiones de Apache Xalan Java que abordan este problema. Nota: Los tiempos de ejecuci\u00f3n de Java (como OpenJDK) incluyen copias reempaquetadas de Xalan.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-681\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-681\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:xalan-java:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.2\",\"matchCriteriaId\":\"E406791B-F9FD-4E3F-831C-296D8F8FF9BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"7D961E24-EA18-4217-B5F5-F847726D84E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:21.3.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"601D92C4-F71F-47E2-9041-5C286D2137F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:22.1.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"B18FE85D-C53D-44E9-8992-715820D1264B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update343:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3C0BA3-FCD3-4CB8-B8C7-F931090A7DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update333:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2A5440-7FA7-4A86-AA19-E2ABBD809B19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:11.0.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C0485FC-E4B2-464E-8228-1387AC5F353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:17.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AF3539B-0434-4310-AE88-F46864C7C20F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:18.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5CC9398-71B6-4480-95ED-EDCE838D157E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update343:*:*:*:*:*:*\",\"matchCriteriaId\":\"60614E43-090E-44D7-94AD-FFAE38FF111F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update333:*:*:*:*:*:*\",\"matchCriteriaId\":\"131E1C9E-721C-4176-B78B-69C01F90A9A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:11.0.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD4BFA12-588A-4D8D-B45F-648A55EC674C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:17.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF70EEA-EC9D-4FFC-B7BE-76F50C34D999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:18.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF9CFB1-CEC9-483E-BECF-618190C03944\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11\",\"versionEndIncluding\":\"11.0.15\",\"matchCriteriaId\":\"DD2ADA66-DCD0-4D28-80B2-77A0265CE7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13\",\"versionEndIncluding\":\"13.0.11\",\"matchCriteriaId\":\"8CA6BC07-2BDA-4913-AF2B-FD2146B0E539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"15.0.7\",\"matchCriteriaId\":\"5A2E366B-549D-48C5-B3FB-AD0E8C75AE08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17\",\"versionEndIncluding\":\"17.0.3\",\"matchCriteriaId\":\"15FD6A0B-BB1A-4875-926C-AB1B6EC1A053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E78B7C5A-FA51-41E4-AAB0-C6DED2EFCF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"02011EDC-20A7-4A16-A592-7C76E0037997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC6D4652-1226-4C60-BEDF-01EBF8AC0849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update101:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C1F9ED7-7D93-41F4-9130-15BA734420AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF9CDF1-95D3-4125-A73F-396D2280FC4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update111:*:*:*:*:*:*\",\"matchCriteriaId\":\"A13266DC-F8D9-4F30-987F-65BBEAF8D3A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update121:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28388AB-CFC9-4749-A90F-383F5B905EA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA1B00F9-A81C-48B7-8DAA-F394DDF323F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update131:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA7AD457-6CE6-4925-8D94-A907B40233D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update141:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6F3FDD1-7CAC-4B84-ABB7-64E9D3FBD708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"5480E5AD-DB46-474A-9B57-84ED088A75FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"881A4AE9-6012-4E91-98BE-0A352CC20703\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E1079-57D9-473B-A017-964F4745F329\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D6446E-2915-4F12-87BE-E7420BC2626E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"564EDCE3-16E6-401D-8A43-032D1F8875E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update181:*:*:*:*:*:*\",\"matchCriteriaId\":\"08278802-D31B-488A-BA6A-EBC816DF883A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update191:*:*:*:*:*:*\",\"matchCriteriaId\":\"72BDA05A-C8BD-472E-8465-EE1F3E5D8CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BBB0969-565E-43E2-B067-A10AAA5F1958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update201:*:*:*:*:*:*\",\"matchCriteriaId\":\"D78BE95D-6270-469A-8035-FCDDB398F952\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C24F40-3150-4584-93D9-8307DE04EEE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update211:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0FC5A03-FF11-4787-BBF1-3ACF93A21F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update221:*:*:*:*:*:*\",\"matchCriteriaId\":\"19626B36-62FC-4497-A2E1-7D6CD9839B19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update231:*:*:*:*:*:*\",\"matchCriteriaId\":\"5713AEBD-35F6-44E8-A0CC-A42830D7AE20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update241:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BE0C04B-440E-4B35-ACC8-6264514F764C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"555EC2A6-0475-48ED-AE0C-B306714A9333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update251:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1CF2AD-3F7A-4EF3-BD41-117A21553A9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update261:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C55E2E-AEDE-455C-B128-168C918B5D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update271:*:*:*:*:*:*\",\"matchCriteriaId\":\"81831D37-6597-441B-87DE-38F7191BEA42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update281:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA1594D-0AB5-436D-9E60-C26EE2175753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update291:*:*:*:*:*:*\",\"matchCriteriaId\":\"B868FA41-C71B-491C-880B-484740B30C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C242D3BE-9114-4A9E-BB78-45754C7CC450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update301:*:*:*:*:*:*\",\"matchCriteriaId\":\"95954182-9541-4181-9647-B17FA5A79F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update311:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6F0137-F91F-4028-BED2-C29640D52C23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update321:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAFB6B15-4AE6-47FC-8847-9DFADB7AE253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D61068FE-18EE-4ADB-BC69-A3ECE8724575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB59E80-4EC4-4399-BF40-6733E4E475A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"84E31265-22E1-4E91-BFCB-D2AFF445926A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB3A58C3-94BB-4120-BE1D-AAF8BBF7F22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"50319E52-8739-47C5-B61E-3CA9B6A9A48F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update55:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ED515B9-DC74-4DC5-B98A-08D87D85E11E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D1D4868-1F9F-43F7-968C-6469B67D3F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"568F1AC4-B0D7-4438-82E5-0E61500F2240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update65:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5E99B4A-EDAD-4471-81C4-7E9C775C9D9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update67:*:*:*:*:*:*\",\"matchCriteriaId\":\"14E9133E-9FF3-40DB-9A11-7469EF5FD265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"94834710-3FA9-49D9-8600-B514CBCA4270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update72:*:*:*:*:*:*\",\"matchCriteriaId\":\"4228D9E1-7D82-4B49-9669-9CDAD7187432\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update76:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6231F48-2936-4F7D-96D5-4BA11F78EBE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update80:*:*:*:*:*:*\",\"matchCriteriaId\":\"D96D5061-4A81-497E-9AD6-A8381B3B454C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update85:*:*:*:*:*:*\",\"matchCriteriaId\":\"5345C21E-A01B-43B9-9A20-F2783D921C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B219F360-83BD-4111-AB59-C9D4F55AF4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update91:*:*:*:*:*:*\",\"matchCriteriaId\":\"D25377EA-8E8F-4C76-8EA9-3BBDFB352815\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update95:*:*:*:*:*:*\",\"matchCriteriaId\":\"59FEFE05-269A-4EAF-A80F-E4C2107B1197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update97:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E2AA7C-F602-4DB7-9EC1-0708C46C253C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:7:update99:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB70E154-A304-429E-80F5-8D87B00E32D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"70892D06-6E75-4425-BBF0-4B684EC62A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A165D71-71CC-4E6A-AA4F-FF8DB5B9A5AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7417B2BB-9AC2-4AF4-A828-C89A0735AD92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A0A57B5-6F88-4288-9CDE-F6613FE068D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"67ED8559-C348-4932-B7CE-CB96976A30EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"40AC3D91-263F-4345-9FAA-0E573EA64590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD92AFA9-81F8-48D4-B79A-E7F066F69A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4B2F24-A730-4818-90C8-A2D90C081F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"464087F2-C285-4574-957E-CE0663F07DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E9BB880-A4F6-4887-8BB9-47AA298753D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DCFF53-B298-4534-AB5C-8A5EF59C616F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*\",\"matchCriteriaId\":\"083419F8-FDDF-4E36-88F8-857DB317C1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7A74F65-57E8-4C9A-BA96-5EF401504F13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D0B90FC-57B6-4315-9B29-3C36E58B2CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*\",\"matchCriteriaId\":\"07812576-3C35-404C-A7D7-9BE9E3D76E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C52B1C-5447-4282-9667-9EBE0720B423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*\",\"matchCriteriaId\":\"92BB9EB0-0C12-4E77-89EE-FB77097841B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC0E7BB-F8B7-4369-9910-71240E4073A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*\",\"matchCriteriaId\":\"551B2640-8CEC-4C24-AF8B-7A7CEF864D9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE30779-48FB-451E-8CE1-F469F93B8772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*\",\"matchCriteriaId\":\"60590FDE-7156-4314-A012-AA38BD2ADDC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE51AD3A-8331-4E8F-9DB1-7A0051731DFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*\",\"matchCriteriaId\":\"F24F6122-2256-41B6-9033-794C6424ED99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAFA79E-8C7A-48CF-8868-11378FE4B26F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D6F19F-59B5-4BB6-AD35-013384025970\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7BA97BC-3ADA-465A-835B-6C3C5F416B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71F77A4-B7EB-47A1-AAFD-431A7D040B86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*\",\"matchCriteriaId\":\"91D6BEA9-5943-44A4-946D-CEAA9BA99376\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*\",\"matchCriteriaId\":\"C079A3E0-44EB-4B9C-B4FC-B7621D165C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CB74086-14B8-4237-8357-E0C6B5BB8313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C2B9C9-1177-4DA6-96CE-55F37F383F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update222:*:*:*:*:*:*\",\"matchCriteriaId\":\"435CF189-0BD8-40DF-A0DC-99862CDEAF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A3F367-33AD-47C3-BFDC-871A17E72C94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update232:*:*:*:*:*:*\",\"matchCriteriaId\":\"A18F994F-72CA-4AF5-A7D1-9F5AEA286D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*\",\"matchCriteriaId\":\"78261932-7373-4F16-91E0-1A72ADBEBC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update242:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD90D3D-9B3A-4101-9A8A-5090F0A9719F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update252:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5A40B8A-D428-4008-9F21-AF21394C51D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update262:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEC5B777-01E1-45EE-AF95-C3BD1F098B2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update271:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B504718-5DCE-43B4-B19A-C6B6E7444BD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update281:*:*:*:*:*:*\",\"matchCriteriaId\":\"3102AA10-99A8-49A9-867E-7EEC56865680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update282:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A55CBC7-A7B2-4B89-8AB5-ED30DBE6814E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update291:*:*:*:*:*:*\",\"matchCriteriaId\":\"15BA8A26-2CDA-442B-A549-6BE92DCCD205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update301:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F2883B-6A1B-4081-8877-07AF3A73F6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update302:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C0742E-ACDD-4DB4-8A4C-B96702C8976C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8483034-DD5A-445D-892F-CDE90A7D58EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update312:*:*:*:*:*:*\",\"matchCriteriaId\":\"1716A5CD-1C32-4F19-9DDE-F9C7CCB6B420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update322:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAB4F663-BCAF-43DB-BCC3-24C060B0CBAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update332:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8EF5BB8-7DAF-49B0-A11E-14E89EF7377A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*\",\"matchCriteriaId\":\"8279718F-878F-4868-8859-1728D13CD0D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C024E1A-FD2C-42E8-B227-C2AFD3040436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F24389D-DDD0-4204-AA24-31C920A4F47E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*\",\"matchCriteriaId\":\"966979BE-1F21-4729-B6B8-610F74648344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8534265-33BF-460D-BF74-5F55FDE50F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*\",\"matchCriteriaId\":\"F77AFC25-1466-4E56-9D5F-6988F3288E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*\",\"matchCriteriaId\":\"A650BEB8-E56F-4E42-9361-8D2DB083F0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*\",\"matchCriteriaId\":\"799FFECD-E80A-44B3-953D-CDB5E195F3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7047507-7CAF-4A14-AA9A-5CEF806EDE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFC7B179-95D3-4F94-84F6-73F1034A1AF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB28526-9385-44CA-AF08-1899E6C3AE4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*\",\"matchCriteriaId\":\"E26B69E4-0B43-415F-A82B-52FDCB262B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BC4150-70EC-462B-8FC5-20B3442CBB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*\",\"matchCriteriaId\":\"02646989-ECD9-40AE-A83E-EFF4080C69B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56CBFC1F-C120-44F2-877A-C1C880AA89C4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF6650C-558D-45C8-AE7D-136EE70CB6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCAA4004-9319-478C-9D55-0E8307F872F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:6.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4633C4-E552-439D-8FE4-139E3A7956CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:7.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50C77346-8893-44F0-B0D1-5D4D30A9CA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:8.62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63E58DE0-A96A-452E-986F-3BD2FEA7C723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:11.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3FB1BF4-3FCF-4007-A9E3-97C35483D6A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:13.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD7A33EC-DE03-424F-9796-E5EA071FF6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:15.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCDAFFA9-0AA4-4C70-9154-8DA4BB255FD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:17.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6302149-28AA-481E-BC6C-87D05E73768A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:18.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DFD9D8-8648-40F7-81B8-04F852A337FA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/5\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/6\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/04/8\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/07/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202401-25\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0009/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5188\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5192\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5256\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/04/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/11/07/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202401-25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5192\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/5\", \"name\": \"[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/6\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/2\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/3\", \"name\": \"[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5188\", \"name\": \"DSA-5188\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5192\", \"name\": \"DSA-5192\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\", \"name\": \"FEDORA-2022-19b6f21746\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\", \"name\": \"FEDORA-2022-ae563934f7\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\", \"name\": \"FEDORA-2022-e573851f56\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\", \"name\": \"FEDORA-2022-d26586b419\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\", \"name\": \"FEDORA-2022-80afe2304a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\", \"name\": \"FEDORA-2022-b76ab52e73\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/2\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5256\", \"name\": \"DSA-5256\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/04/8\", \"name\": \"[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/07/2\", \"name\": \"[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T08:16:17.277Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-34169\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-20T16:24:49.067251Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-681\", \"description\": \"CWE-681 Incorrect Conversion between Numeric Types\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-20T16:24:47.647Z\"}}], \"cna\": {\"title\": \"Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Reported by Felix Wilhelm, Google Project Zero\"}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Xalan-J\", \"versions\": [{\"status\": \"affected\", \"version\": \"Xalan-J\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.7.2\"}]}], \"references\": [{\"url\": \"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8\"}, {\"url\": \"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/5\", \"name\": \"[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/19/6\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/2\", \"name\": \"[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/07/20/3\", \"name\": \"[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5188\", \"name\": \"DSA-5188\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5192\", \"name\": \"DSA-5192\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0009/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/\", \"name\": \"FEDORA-2022-19b6f21746\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/\", \"name\": \"FEDORA-2022-ae563934f7\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/\", \"name\": \"FEDORA-2022-e573851f56\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/\", \"name\": \"FEDORA-2022-d26586b419\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/\", \"name\": \"FEDORA-2022-80afe2304a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/\", \"name\": \"FEDORA-2022-b76ab52e73\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/2\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5256\", \"name\": \"DSA-5256\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/04/8\", \"name\": \"[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/11/07/2\", \"name\": \"[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-25\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"integer truncation\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-06-21T19:07:47.103Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-34169\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T12:51:15.955Z\", \"dateReserved\": \"2022-06-21T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2022-07-19T00:00:00.000Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
NCSC-2025-0025
Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:33 - Updated: 2025-01-22 13:33Summary
Kwetsbaarheden verholpen in Oracle Financial Services
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.
Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties variërend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-681: Incorrect Conversion between Numeric Types
CWE-20: Improper Input Validation
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-131: Incorrect Calculation of Buffer Size
CWE-178: Improper Handling of Case Sensitivity
CWE-284: Improper Access Control
CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-611: Improper Restriction of XML External Entity Reference
CWE-670: Always-Incorrect Control Flow Implementation
CWE-192: Integer Coercion Error
CWE-676: Use of Potentially Dangerous Function
CWE-222: Truncation of Security-relevant Information
CWE-755: Improper Handling of Exceptional Conditions
CWE-704: Incorrect Type Conversion or Cast
CWE-680: Integer Overflow to Buffer Overflow
CWE-426: Untrusted Search Path
CWE-354: Improper Validation of Integrity Check Value
CWE-190: Integer Overflow or Wraparound
CWE-532: Insertion of Sensitive Information into Log File
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-400: Uncontrolled Resource Consumption
CWE-502: Deserialization of Untrusted Data
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-121: Stack-based Buffer Overflow
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
7.5 (High)
Affected products
Known affected
155 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_reconciliation_framework
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_reconciliation_framework
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_asset_liability_management
oracle
|
cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_balance_computation_engine
oracle
|
cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_balance_sheet_planning
oracle
|
cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_currency_transaction_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_currency_transaction_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_currency_transaction_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_currency_transaction_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_data_governance_for_us_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_data_governance_for_us_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_data_integration_hub
oracle
|
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_data_integration_hub
oracle
|
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_data_integration_hub
oracle
|
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_deposit_insurance_calculations_for_liquidity_risk_management
oracle
|
cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_deposit_insurance_calculations_for_liquidity_risk_management
oracle
|
cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_financial_performance_analytics
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_funds_transfer_pricing
oracle
|
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_institutional_performance_analytics
oracle
|
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_liquidity_risk_measurement_and_management
oracle
|
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_liquidity_risk_measurement_and_management
oracle
|
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_loan_loss_forecasting_and_provisioning
oracle
|
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_loan_loss_forecasting_and_provisioning
oracle
|
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_profitability_management
oracle
|
cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting_with_agilereporter
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_retail_performance_analytics
oracle
|
cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.7.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_crime_and_compliance_management_studio
oracle
|
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_lending_and_leasing
oracle
|
cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— |
CWE-426
- Untrusted Search Path
Affected products
Known affected
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
74 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_cash_flow_engine
oracle
|
cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_lending_and_leasing
oracle
|
cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_lending_and_leasing
oracle
|
cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
69 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_lending_and_leasing
oracle
|
cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
69 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_lending_and_leasing
oracle
|
cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
45 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— |
8.4 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_basic
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_basel_regulatory_capital_internal_ratings_based_approach
oracle
|
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_revenue_management_and_billing
oracle
|
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering_enterprise_edition
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*
|
— | |
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_corporate_lending_process_management
oracle
|
cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
— | |
|
banking_origination
oracle
|
cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— |
5.7 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
banking_liquidity_management
oracle
|
cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
— |
4.8 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_compliance_studio
oracle
|
cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
— |
10.0 (Critical)
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_regulatory_reporting
oracle
|
cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_enterprise_case_management
oracle
|
cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*
|
— | |
|
financial_services_model_management_and_governance
oracle
|
cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*
|
— | |
|
financial_services_analytical_applications_infrastructure
oracle
|
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— | |
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_trade-based_anti_money_laundering
oracle
|
cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*
|
— | |
|
financial_services_behavior_detection_platform
oracle
|
cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*
|
— |
References
22 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties vari\u00ebrend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "general",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Financial Services",
"tracking": {
"current_release_date": "2025-01-22T13:33:00.723963Z",
"id": "NCSC-2025-0025",
"initial_release_date": "2025-01-22T13:33:00.723963Z",
"revision_history": [
{
"date": "2025-01-22T13:33:00.723963Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-342808",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-345045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-1751072",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-9711",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-345044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-1751083",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-9300",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-345043",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-9522",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-345042",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-8848",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-93309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-189066",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-93305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-189064",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-189063",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-1751078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_infrastructure",
"product": {
"name": "financial_services_analytical_applications_infrastructure",
"product_id": "CSAFPID-189065",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_reconciliation_framework",
"product": {
"name": "financial_services_analytical_applications_reconciliation_framework",
"product_id": "CSAFPID-363146",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_analytical_applications_reconciliation_framework",
"product": {
"name": "financial_services_analytical_applications_reconciliation_framework",
"product_id": "CSAFPID-363129",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_asset_liability_management",
"product": {
"name": "financial_services_asset_liability_management",
"product_id": "CSAFPID-363142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_balance_computation_engine",
"product": {
"name": "financial_services_balance_computation_engine",
"product_id": "CSAFPID-363130",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_balance_sheet_planning",
"product": {
"name": "financial_services_balance_sheet_planning",
"product_id": "CSAFPID-363135",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_basel_regulatory_capital_basic",
"product": {
"name": "financial_services_basel_regulatory_capital_basic",
"product_id": "CSAFPID-1503626",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_basel_regulatory_capital_basic",
"product": {
"name": "financial_services_basel_regulatory_capital_basic",
"product_id": "CSAFPID-1503627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
"product": {
"name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
"product_id": "CSAFPID-1503628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
"product": {
"name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
"product_id": "CSAFPID-1503629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-765261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-93312",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-220456",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-93311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-189067",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-93308",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-93307",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-93306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-220368",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-220449",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-345041",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-219772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-219770",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-816828",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-1503630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_behavior_detection_platform",
"product": {
"name": "financial_services_behavior_detection_platform",
"product_id": "CSAFPID-1751074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_cash_flow_engine",
"product": {
"name": "financial_services_cash_flow_engine",
"product_id": "CSAFPID-764273",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_compliance_studio",
"product": {
"name": "financial_services_compliance_studio",
"product_id": "CSAFPID-345047",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_compliance_studio",
"product": {
"name": "financial_services_compliance_studio",
"product_id": "CSAFPID-816829",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_compliance_studio",
"product": {
"name": "financial_services_compliance_studio",
"product_id": "CSAFPID-1503631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_compliance_studio",
"product": {
"name": "financial_services_compliance_studio",
"product_id": "CSAFPID-1503632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-93648",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-93647",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-764857",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-391382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-765262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_crime_and_compliance_management_studio",
"product": {
"name": "financial_services_crime_and_compliance_management_studio",
"product_id": "CSAFPID-765263",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_currency_transaction_reporting",
"product": {
"name": "financial_services_currency_transaction_reporting",
"product_id": "CSAFPID-493291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_currency_transaction_reporting",
"product": {
"name": "financial_services_currency_transaction_reporting",
"product_id": "CSAFPID-493290",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_currency_transaction_reporting",
"product": {
"name": "financial_services_currency_transaction_reporting",
"product_id": "CSAFPID-493289",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_currency_transaction_reporting",
"product": {
"name": "financial_services_currency_transaction_reporting",
"product_id": "CSAFPID-493288",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_data_governance_for_us_regulatory_reporting",
"product": {
"name": "financial_services_data_governance_for_us_regulatory_reporting",
"product_id": "CSAFPID-363128",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_data_governance_for_us_regulatory_reporting",
"product": {
"name": "financial_services_data_governance_for_us_regulatory_reporting",
"product_id": "CSAFPID-363127",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_data_integration_hub",
"product": {
"name": "financial_services_data_integration_hub",
"product_id": "CSAFPID-363144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_data_integration_hub",
"product": {
"name": "financial_services_data_integration_hub",
"product_id": "CSAFPID-363131",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_data_integration_hub",
"product": {
"name": "financial_services_data_integration_hub",
"product_id": "CSAFPID-363126",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
"product": {
"name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
"product_id": "CSAFPID-363143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
"product": {
"name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
"product_id": "CSAFPID-363133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-567702",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220378",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220377",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220455",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-1503633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-219774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-180191",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-1503634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-180190",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-180189",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220369",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-220448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-345040",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-219773",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-219771",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-1503635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-816830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_case_management",
"product": {
"name": "financial_services_enterprise_case_management",
"product_id": "CSAFPID-1503636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_enterprise_financial_performance_analytics",
"product": {
"name": "financial_services_enterprise_financial_performance_analytics",
"product_id": "CSAFPID-363141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_funds_transfer_pricing",
"product": {
"name": "financial_services_funds_transfer_pricing",
"product_id": "CSAFPID-363138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_institutional_performance_analytics",
"product": {
"name": "financial_services_institutional_performance_analytics",
"product_id": "CSAFPID-363136",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_lending_and_leasing",
"product": {
"name": "financial_services_lending_and_leasing",
"product_id": "CSAFPID-816831",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_liquidity_risk_measurement_and_management",
"product": {
"name": "financial_services_liquidity_risk_measurement_and_management",
"product_id": "CSAFPID-363145",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_liquidity_risk_measurement_and_management",
"product": {
"name": "financial_services_liquidity_risk_measurement_and_management",
"product_id": "CSAFPID-363132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_loan_loss_forecasting_and_provisioning",
"product": {
"name": "financial_services_loan_loss_forecasting_and_provisioning",
"product_id": "CSAFPID-363140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_loan_loss_forecasting_and_provisioning",
"product": {
"name": "financial_services_loan_loss_forecasting_and_provisioning",
"product_id": "CSAFPID-363134",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-764923",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-396508",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-764924",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-396507",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-611392",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-611391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-1503319",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-1503318",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-1751202",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_model_management_and_governance",
"product": {
"name": "financial_services_model_management_and_governance",
"product_id": "CSAFPID-1751086",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_profitability_management",
"product": {
"name": "financial_services_profitability_management",
"product_id": "CSAFPID-363139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-570314",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-570313",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-570312",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-570311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-1751214",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting",
"product": {
"name": "financial_services_regulatory_reporting",
"product_id": "CSAFPID-1751213",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_regulatory_reporting_with_agilereporter",
"product": {
"name": "financial_services_regulatory_reporting_with_agilereporter",
"product_id": "CSAFPID-611433",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_retail_performance_analytics",
"product": {
"name": "financial_services_retail_performance_analytics",
"product_id": "CSAFPID-363137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-765266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-344846",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219833",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-912589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816832",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219832",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-1751215",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-765264",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-765265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816834",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-344845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219831",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-400311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-912590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816836",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219829",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-400309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816837",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219828",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-400307",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-912591",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816838",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-219827",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-912592",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816839",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816841",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-1503637",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816842",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-1503638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816833",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_revenue_management_and_billing",
"product": {
"name": "financial_services_revenue_management_and_billing",
"product_id": "CSAFPID-816840",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering",
"product": {
"name": "financial_services_trade-based_anti_money_laundering",
"product_id": "CSAFPID-1751087",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering",
"product": {
"name": "financial_services_trade-based_anti_money_laundering",
"product_id": "CSAFPID-220375",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product": {
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product_id": "CSAFPID-764925",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product": {
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product_id": "CSAFPID-764796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product": {
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product_id": "CSAFPID-764926",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product": {
"name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
"product_id": "CSAFPID-220374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-764262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-180213",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-180207",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-912094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-912093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-912092",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-816824",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_liquidity_management",
"product": {
"name": "banking_liquidity_management",
"product_id": "CSAFPID-1673499",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-764263",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-180208",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-1751207",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-912064",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-912063",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_origination",
"product": {
"name": "banking_origination",
"product_id": "CSAFPID-912062",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-764259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-1751206",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-1503614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-180204",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-1503615",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-1503616",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "banking_corporate_lending_process_management",
"product": {
"name": "banking_corporate_lending_process_management",
"product_id": "CSAFPID-1503617",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"notes": [
{
"category": "other",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
}
],
"product_status": {
"known_affected": [
"CSAFPID-219827",
"CSAFPID-219828",
"CSAFPID-219829",
"CSAFPID-219830",
"CSAFPID-344845",
"CSAFPID-219831",
"CSAFPID-219832",
"CSAFPID-344846",
"CSAFPID-219833",
"CSAFPID-764259",
"CSAFPID-345045",
"CSAFPID-345044",
"CSAFPID-345043",
"CSAFPID-345042",
"CSAFPID-93309",
"CSAFPID-93305",
"CSAFPID-189064",
"CSAFPID-189063",
"CSAFPID-363146",
"CSAFPID-363129",
"CSAFPID-363142",
"CSAFPID-363130",
"CSAFPID-363135",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-345041",
"CSAFPID-219772",
"CSAFPID-345047",
"CSAFPID-391382",
"CSAFPID-493291",
"CSAFPID-493290",
"CSAFPID-493289",
"CSAFPID-493288",
"CSAFPID-363128",
"CSAFPID-363127",
"CSAFPID-363144",
"CSAFPID-363131",
"CSAFPID-363126",
"CSAFPID-363143",
"CSAFPID-363133",
"CSAFPID-219774",
"CSAFPID-180190",
"CSAFPID-345040",
"CSAFPID-219773",
"CSAFPID-363141",
"CSAFPID-363138",
"CSAFPID-363136",
"CSAFPID-363145",
"CSAFPID-363132",
"CSAFPID-363140",
"CSAFPID-363134",
"CSAFPID-396508",
"CSAFPID-396507",
"CSAFPID-363139",
"CSAFPID-570314",
"CSAFPID-570313",
"CSAFPID-570312",
"CSAFPID-570311",
"CSAFPID-611433",
"CSAFPID-363137",
"CSAFPID-764796",
"CSAFPID-764857",
"CSAFPID-342808",
"CSAFPID-220456",
"CSAFPID-93308",
"CSAFPID-93306",
"CSAFPID-220368",
"CSAFPID-220449",
"CSAFPID-220455",
"CSAFPID-180191",
"CSAFPID-180189",
"CSAFPID-220369",
"CSAFPID-220448",
"CSAFPID-764923",
"CSAFPID-764924",
"CSAFPID-764925",
"CSAFPID-764926",
"CSAFPID-764262",
"CSAFPID-816824",
"CSAFPID-764263",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-180204",
"CSAFPID-180213",
"CSAFPID-180207",
"CSAFPID-180208",
"CSAFPID-93312",
"CSAFPID-93311",
"CSAFPID-765261",
"CSAFPID-765262",
"CSAFPID-93648",
"CSAFPID-765263",
"CSAFPID-93647",
"CSAFPID-220378",
"CSAFPID-220377",
"CSAFPID-220607",
"CSAFPID-220372",
"CSAFPID-567702",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-765266",
"CSAFPID-400307",
"CSAFPID-8848",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-219770",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-219771",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-220374",
"CSAFPID-912094",
"CSAFPID-912093",
"CSAFPID-912092",
"CSAFPID-912064",
"CSAFPID-912063",
"CSAFPID-912062",
"CSAFPID-912589",
"CSAFPID-400311",
"CSAFPID-912590",
"CSAFPID-400309",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-34169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-219827",
"CSAFPID-219828",
"CSAFPID-219829",
"CSAFPID-219830",
"CSAFPID-344845",
"CSAFPID-219831",
"CSAFPID-219832",
"CSAFPID-344846",
"CSAFPID-219833",
"CSAFPID-764259",
"CSAFPID-345045",
"CSAFPID-345044",
"CSAFPID-345043",
"CSAFPID-345042",
"CSAFPID-93309",
"CSAFPID-93305",
"CSAFPID-189064",
"CSAFPID-189063",
"CSAFPID-363146",
"CSAFPID-363129",
"CSAFPID-363142",
"CSAFPID-363130",
"CSAFPID-363135",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-345041",
"CSAFPID-219772",
"CSAFPID-345047",
"CSAFPID-391382",
"CSAFPID-493291",
"CSAFPID-493290",
"CSAFPID-493289",
"CSAFPID-493288",
"CSAFPID-363128",
"CSAFPID-363127",
"CSAFPID-363144",
"CSAFPID-363131",
"CSAFPID-363126",
"CSAFPID-363143",
"CSAFPID-363133",
"CSAFPID-219774",
"CSAFPID-180190",
"CSAFPID-345040",
"CSAFPID-219773",
"CSAFPID-363141",
"CSAFPID-363138",
"CSAFPID-363136",
"CSAFPID-363145",
"CSAFPID-363132",
"CSAFPID-363140",
"CSAFPID-363134",
"CSAFPID-396508",
"CSAFPID-396507",
"CSAFPID-363139",
"CSAFPID-570314",
"CSAFPID-570313",
"CSAFPID-570312",
"CSAFPID-570311",
"CSAFPID-611433",
"CSAFPID-363137",
"CSAFPID-764796",
"CSAFPID-764857",
"CSAFPID-342808",
"CSAFPID-220456",
"CSAFPID-93308",
"CSAFPID-93306",
"CSAFPID-220368",
"CSAFPID-220449",
"CSAFPID-220455",
"CSAFPID-180191",
"CSAFPID-180189",
"CSAFPID-220369",
"CSAFPID-220448",
"CSAFPID-764923",
"CSAFPID-764924",
"CSAFPID-764925",
"CSAFPID-764926",
"CSAFPID-764262",
"CSAFPID-816824",
"CSAFPID-764263",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-180204",
"CSAFPID-180213",
"CSAFPID-180207",
"CSAFPID-180208",
"CSAFPID-93312",
"CSAFPID-93311",
"CSAFPID-765261",
"CSAFPID-765262",
"CSAFPID-93648",
"CSAFPID-765263",
"CSAFPID-93647",
"CSAFPID-220378",
"CSAFPID-220377",
"CSAFPID-220607",
"CSAFPID-220372",
"CSAFPID-567702",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-765266",
"CSAFPID-400307",
"CSAFPID-8848",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-219770",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-219771",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-220374",
"CSAFPID-912094",
"CSAFPID-912093",
"CSAFPID-912092",
"CSAFPID-912064",
"CSAFPID-912063",
"CSAFPID-912062",
"CSAFPID-912589",
"CSAFPID-400311",
"CSAFPID-912590",
"CSAFPID-400309",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638"
]
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-912094",
"CSAFPID-912093",
"CSAFPID-912092",
"CSAFPID-912064",
"CSAFPID-912063",
"CSAFPID-912062",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-816828",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-816829"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-33201",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-611391",
"CSAFPID-611392",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-764273",
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1751202",
"CSAFPID-1751086"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-611391",
"CSAFPID-611392",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-764273",
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1751202",
"CSAFPID-1751086"
]
}
],
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-1751202",
"CSAFPID-1751206",
"CSAFPID-1751086",
"CSAFPID-1751207",
"CSAFPID-1503318"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-1751202",
"CSAFPID-1751206",
"CSAFPID-1751086",
"CSAFPID-1751207",
"CSAFPID-1503318"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44483",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44483",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926"
]
}
],
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
}
],
"product_status": {
"known_affected": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-8848",
"CSAFPID-9300",
"CSAFPID-9522",
"CSAFPID-9711",
"CSAFPID-93307",
"CSAFPID-180190",
"CSAFPID-189065",
"CSAFPID-189066",
"CSAFPID-189067",
"CSAFPID-219770",
"CSAFPID-219771",
"CSAFPID-219774",
"CSAFPID-220374",
"CSAFPID-344845",
"CSAFPID-344846",
"CSAFPID-764259",
"CSAFPID-764262",
"CSAFPID-764263",
"CSAFPID-765266",
"CSAFPID-816824",
"CSAFPID-816828",
"CSAFPID-816829",
"CSAFPID-816830",
"CSAFPID-816831",
"CSAFPID-816832",
"CSAFPID-816833",
"CSAFPID-816834",
"CSAFPID-816835",
"CSAFPID-816836",
"CSAFPID-816837",
"CSAFPID-816838",
"CSAFPID-816839",
"CSAFPID-816840",
"CSAFPID-816841",
"CSAFPID-816842",
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-816828",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1751213",
"CSAFPID-220375",
"CSAFPID-1751214",
"CSAFPID-1751074"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51074",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-400309",
"CSAFPID-400311",
"CSAFPID-765264",
"CSAFPID-765265",
"CSAFPID-912062",
"CSAFPID-912063",
"CSAFPID-912064",
"CSAFPID-912092",
"CSAFPID-912093",
"CSAFPID-912094",
"CSAFPID-912589",
"CSAFPID-912590",
"CSAFPID-912591",
"CSAFPID-912592",
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-816828",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1751213",
"CSAFPID-220375",
"CSAFPID-1751214",
"CSAFPID-1751074"
]
}
],
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2023-52070",
"product_status": {
"known_affected": [
"CSAFPID-1751215"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52070",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52070.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751215"
]
}
],
"title": "CVE-2023-52070"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503631",
"CSAFPID-1673499"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503631",
"CSAFPID-1673499"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-912094",
"CSAFPID-912093",
"CSAFPID-912092",
"CSAFPID-912064",
"CSAFPID-912063",
"CSAFPID-912062",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-816828",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1673499",
"CSAFPID-1751206",
"CSAFPID-1751207"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34064",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1503614",
"CSAFPID-1503615",
"CSAFPID-1503616",
"CSAFPID-1503617",
"CSAFPID-912094",
"CSAFPID-912093",
"CSAFPID-912092",
"CSAFPID-912064",
"CSAFPID-912063",
"CSAFPID-912062",
"CSAFPID-9711",
"CSAFPID-9300",
"CSAFPID-189066",
"CSAFPID-189065",
"CSAFPID-1503626",
"CSAFPID-1503627",
"CSAFPID-1503628",
"CSAFPID-1503629",
"CSAFPID-189067",
"CSAFPID-93307",
"CSAFPID-816828",
"CSAFPID-1503630",
"CSAFPID-1503631",
"CSAFPID-1503632",
"CSAFPID-1503633",
"CSAFPID-1503634",
"CSAFPID-1503635",
"CSAFPID-1503636",
"CSAFPID-1503319",
"CSAFPID-1503318",
"CSAFPID-1503637",
"CSAFPID-1503638",
"CSAFPID-764926",
"CSAFPID-1673499",
"CSAFPID-1751206",
"CSAFPID-1751207"
]
}
],
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751202",
"CSAFPID-1751086",
"CSAFPID-1503318"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751202",
"CSAFPID-1751086",
"CSAFPID-1503318"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673499",
"CSAFPID-1503631"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673499",
"CSAFPID-1503631"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751072",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-189067",
"CSAFPID-1751083",
"CSAFPID-1751086",
"CSAFPID-1503631",
"CSAFPID-220375"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751072",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-189067",
"CSAFPID-1751083",
"CSAFPID-1751086",
"CSAFPID-1503631",
"CSAFPID-220375"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1503631",
"CSAFPID-189067",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1503631",
"CSAFPID-189067",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503631"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1503631"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-189067",
"CSAFPID-1503318",
"CSAFPID-1751202",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1751213",
"CSAFPID-1751214",
"CSAFPID-219774",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-189067",
"CSAFPID-1503318",
"CSAFPID-1751202",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1751213",
"CSAFPID-1751214",
"CSAFPID-219774",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-189067",
"CSAFPID-1503318",
"CSAFPID-1751202",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1751213",
"CSAFPID-1751214",
"CSAFPID-219774",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220375",
"CSAFPID-1751083",
"CSAFPID-189067",
"CSAFPID-1503318",
"CSAFPID-1751202",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-1751078",
"CSAFPID-1751213",
"CSAFPID-1751214",
"CSAFPID-219774",
"CSAFPID-1751086",
"CSAFPID-1751072"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-189067",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-220375"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-189067",
"CSAFPID-1503630",
"CSAFPID-1751074",
"CSAFPID-220375"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220375",
"CSAFPID-1503630",
"CSAFPID-189067",
"CSAFPID-1751074"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220375",
"CSAFPID-1503630",
"CSAFPID-189067",
"CSAFPID-1751074"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220375",
"CSAFPID-1503630",
"CSAFPID-189067",
"CSAFPID-1751074"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220375",
"CSAFPID-1503630",
"CSAFPID-189067",
"CSAFPID-1751074"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2025-21550",
"product_status": {
"known_affected": [
"CSAFPID-189067",
"CSAFPID-1503630",
"CSAFPID-1751074"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21550",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21550.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-189067",
"CSAFPID-1503630",
"CSAFPID-1751074"
]
}
],
"title": "CVE-2025-21550"
}
]
}
OPENSUSE-SU-2024:12201-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-13-openjdk-13.0.12.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-13-openjdk-13.0.12.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-13-openjdk-13.0.12.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12201
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-13-openjdk-13.0.12.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-13-openjdk-13.0.12.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12201",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12201-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-13-openjdk-13.0.12.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12201-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-13-openjdk-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-demo-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-devel-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-headless-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-jmods-13.0.12.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"product": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"product_id": "java-13-openjdk-src-13.0.12.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-13-openjdk-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-demo-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-devel-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-headless-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"product": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"product_id": "java-13-openjdk-src-13.0.12.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-13-openjdk-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-accessibility-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-demo-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-devel-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-headless-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-javadoc-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-jmods-13.0.12.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-src-13.0.12.0-1.1.s390x",
"product": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.s390x",
"product_id": "java-13-openjdk-src-13.0.12.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-13-openjdk-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-demo-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-devel-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-headless-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-jmods-13.0.12.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-13-openjdk-src-13.0.12.0-1.1.x86_64",
"product": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.x86_64",
"product_id": "java-13-openjdk-src-13.0.12.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-demo-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-devel-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-headless-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-jmods-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64"
},
"product_reference": "java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le"
},
"product_reference": "java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x"
},
"product_reference": "java-13-openjdk-src-13.0.12.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-13-openjdk-src-13.0.12.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
},
"product_reference": "java-13-openjdk-src-13.0.12.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-accessibility-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-demo-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-devel-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-headless-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-javadoc-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-jmods-13.0.12.0-1.1.x86_64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.aarch64",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.s390x",
"openSUSE Tumbleweed:java-13-openjdk-src-13.0.12.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12202-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-15-openjdk-15.0.8.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-15-openjdk-15.0.8.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-15-openjdk-15.0.8.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12202
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-15-openjdk-15.0.8.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-15-openjdk-15.0.8.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12202",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12202-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-15-openjdk-15.0.8.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12202-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-15-openjdk-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-demo-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-devel-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-headless-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-jmods-15.0.8.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"product": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"product_id": "java-15-openjdk-src-15.0.8.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-15-openjdk-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-demo-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-devel-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-headless-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"product": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"product_id": "java-15-openjdk-src-15.0.8.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-15-openjdk-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-accessibility-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-demo-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-devel-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-headless-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-javadoc-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-jmods-15.0.8.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-src-15.0.8.0-1.1.s390x",
"product": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.s390x",
"product_id": "java-15-openjdk-src-15.0.8.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-15-openjdk-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-demo-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-devel-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-headless-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-jmods-15.0.8.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-15-openjdk-src-15.0.8.0-1.1.x86_64",
"product": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.x86_64",
"product_id": "java-15-openjdk-src-15.0.8.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-demo-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-devel-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-headless-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-jmods-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64"
},
"product_reference": "java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le"
},
"product_reference": "java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x"
},
"product_reference": "java-15-openjdk-src-15.0.8.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-15-openjdk-src-15.0.8.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
},
"product_reference": "java-15-openjdk-src-15.0.8.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-accessibility-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-demo-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-devel-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-headless-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-javadoc-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-jmods-15.0.8.0-1.1.x86_64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.aarch64",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.s390x",
"openSUSE Tumbleweed:java-15-openjdk-src-15.0.8.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12203-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-18-openjdk-18.0.2.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-18-openjdk-18.0.2.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-18-openjdk-18.0.2.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12203
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-18-openjdk-18.0.2.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-18-openjdk-18.0.2.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12203",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12203-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-18-openjdk-18.0.2.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12203-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-18-openjdk-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-demo-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-devel-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-headless-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-jmods-18.0.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"product": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"product_id": "java-18-openjdk-src-18.0.2.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-18-openjdk-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-demo-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-devel-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-headless-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"product": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"product_id": "java-18-openjdk-src-18.0.2.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-18-openjdk-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-accessibility-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-demo-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-devel-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-headless-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-javadoc-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-jmods-18.0.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-src-18.0.2.0-1.1.s390x",
"product": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.s390x",
"product_id": "java-18-openjdk-src-18.0.2.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-18-openjdk-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-demo-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-devel-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-headless-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-jmods-18.0.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-18-openjdk-src-18.0.2.0-1.1.x86_64",
"product": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.x86_64",
"product_id": "java-18-openjdk-src-18.0.2.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-demo-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-devel-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-headless-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-jmods-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64"
},
"product_reference": "java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le"
},
"product_reference": "java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x"
},
"product_reference": "java-18-openjdk-src-18.0.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-18-openjdk-src-18.0.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
},
"product_reference": "java-18-openjdk-src-18.0.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-accessibility-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-demo-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-devel-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-headless-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-javadoc-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-jmods-18.0.2.0-1.1.x86_64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.aarch64",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.s390x",
"openSUSE Tumbleweed:java-18-openjdk-src-18.0.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12207-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-11-openjdk-11.0.16.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-11-openjdk-11.0.16.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-11-openjdk-11.0.16.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12207
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-11-openjdk-11.0.16.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-11-openjdk-11.0.16.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12207",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12207-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-11-openjdk-11.0.16.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12207-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-demo-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-devel-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-headless-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-jmods-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openjdk-src-11.0.16.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-demo-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-devel-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-headless-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openjdk-src-11.0.16.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-accessibility-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-demo-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-devel-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-headless-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-javadoc-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-jmods-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.s390x",
"product_id": "java-11-openjdk-src-11.0.16.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-demo-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-devel-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-headless-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-jmods-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openjdk-src-11.0.16.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-jmods-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openjdk-src-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-src-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openjdk-src-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openjdk-src-11.0.16.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12208-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-17-openjdk-17.0.4.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-17-openjdk-17.0.4.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-17-openjdk-17.0.4.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12208
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-17-openjdk-17.0.4.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-17-openjdk-17.0.4.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12208",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12208-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21549 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-17-openjdk-17.0.4.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12208-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-17-openjdk-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-demo-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-devel-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-headless-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-jmods-17.0.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"product": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"product_id": "java-17-openjdk-src-17.0.4.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openjdk-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-demo-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-devel-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-headless-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"product": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"product_id": "java-17-openjdk-src-17.0.4.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openjdk-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-accessibility-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-demo-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-devel-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-headless-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-javadoc-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-jmods-17.0.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-src-17.0.4.0-1.1.s390x",
"product": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.s390x",
"product_id": "java-17-openjdk-src-17.0.4.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openjdk-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-demo-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-devel-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-headless-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-jmods-17.0.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openjdk-src-17.0.4.0-1.1.x86_64",
"product": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.x86_64",
"product_id": "java-17-openjdk-src-17.0.4.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-demo-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-devel-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-headless-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-jmods-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64"
},
"product_reference": "java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le"
},
"product_reference": "java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x"
},
"product_reference": "java-17-openjdk-src-17.0.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openjdk-src-17.0.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
},
"product_reference": "java-17-openjdk-src-17.0.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-21549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21549"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21549",
"url": "https://www.suse.com/security/cve/CVE-2022-21549"
},
{
"category": "external",
"summary": "SUSE Bug 1201685 for CVE-2022-21549",
"url": "https://bugzilla.suse.com/1201685"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21549",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21549"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-accessibility-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-demo-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-devel-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-headless-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-javadoc-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-jmods-17.0.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openjdk-src-17.0.4.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12234-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-1_8_0-openjdk-1.8.0.345-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-1_8_0-openjdk-1.8.0.345-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.345-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-1_8_0-openjdk-1.8.0.345-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.345-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12234-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-1_8_0-openjdk-1.8.0.345-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12234-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openjdk-src-1.8.0.345-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12261-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-11-openj9-11.0.16.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-11-openj9-11.0.16.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-11-openj9-11.0.16.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12261
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-11-openj9-11.0.16.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-11-openj9-11.0.16.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12261",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12261-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-11-openj9-11.0.16.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12261-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-accessibility-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-demo-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-devel-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-headless-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-javadoc-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-jmods-11.0.16.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.16.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-src-11.0.16.0-1.1.aarch64",
"product_id": "java-11-openj9-src-11.0.16.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-demo-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-devel-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-headless-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-jmods-11.0.16.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"product_id": "java-11-openj9-src-11.0.16.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-accessibility-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-demo-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-devel-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-headless-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-javadoc-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-jmods-11.0.16.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.16.0-1.1.s390x",
"product": {
"name": "java-11-openj9-src-11.0.16.0-1.1.s390x",
"product_id": "java-11-openj9-src-11.0.16.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-accessibility-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-demo-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-devel-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-headless-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-javadoc-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-jmods-11.0.16.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.16.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-src-11.0.16.0-1.1.x86_64",
"product_id": "java-11-openj9-src-11.0.16.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-accessibility-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-demo-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-devel-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-headless-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.16.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-src-11.0.16.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.16.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.16.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x"
},
"product_reference": "java-11-openj9-src-11.0.16.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.16.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-src-11.0.16.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-accessibility-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.16.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.16.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:12263-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
java-1_8_0-openj9-1.8.0.345-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-1_8_0-openj9-1.8.0.345-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-1_8_0-openj9-1.8.0.345-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12263
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-1_8_0-openj9-1.8.0.345-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-1_8_0-openj9-1.8.0.345-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12263",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12263-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "java-1_8_0-openj9-1.8.0.345-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12263-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"product_id": "java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"product_id": "java-1_8_0-openj9-src-1.8.0.345-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64",
"product_id": "java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.345-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.345-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
OPENSUSE-SU-2024:13189-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
xalan-j2-2.7.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: xalan-j2-2.7.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the xalan-j2-2.7.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13189
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
7 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2022-34169/ | self |
| https://www.suse.com/security/cve/CVE-2022-34169 | external |
| https://bugzilla.suse.com/1201684 | external |
| https://bugzilla.suse.com/1202427 | external |
| https://bugzilla.suse.com/1207688 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "xalan-j2-2.7.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the xalan-j2-2.7.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13189",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13189-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
}
],
"title": "xalan-j2-2.7.3-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13189-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xalan-j2-2.7.3-1.1.aarch64",
"product": {
"name": "xalan-j2-2.7.3-1.1.aarch64",
"product_id": "xalan-j2-2.7.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xalan-j2-demo-2.7.3-1.1.aarch64",
"product": {
"name": "xalan-j2-demo-2.7.3-1.1.aarch64",
"product_id": "xalan-j2-demo-2.7.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xalan-j2-manual-2.7.3-1.1.aarch64",
"product": {
"name": "xalan-j2-manual-2.7.3-1.1.aarch64",
"product_id": "xalan-j2-manual-2.7.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xalan-j2-xsltc-2.7.3-1.1.aarch64",
"product": {
"name": "xalan-j2-xsltc-2.7.3-1.1.aarch64",
"product_id": "xalan-j2-xsltc-2.7.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xalan-j2-2.7.3-1.1.ppc64le",
"product": {
"name": "xalan-j2-2.7.3-1.1.ppc64le",
"product_id": "xalan-j2-2.7.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xalan-j2-demo-2.7.3-1.1.ppc64le",
"product": {
"name": "xalan-j2-demo-2.7.3-1.1.ppc64le",
"product_id": "xalan-j2-demo-2.7.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xalan-j2-manual-2.7.3-1.1.ppc64le",
"product": {
"name": "xalan-j2-manual-2.7.3-1.1.ppc64le",
"product_id": "xalan-j2-manual-2.7.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"product": {
"name": "xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"product_id": "xalan-j2-xsltc-2.7.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xalan-j2-2.7.3-1.1.s390x",
"product": {
"name": "xalan-j2-2.7.3-1.1.s390x",
"product_id": "xalan-j2-2.7.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xalan-j2-demo-2.7.3-1.1.s390x",
"product": {
"name": "xalan-j2-demo-2.7.3-1.1.s390x",
"product_id": "xalan-j2-demo-2.7.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xalan-j2-manual-2.7.3-1.1.s390x",
"product": {
"name": "xalan-j2-manual-2.7.3-1.1.s390x",
"product_id": "xalan-j2-manual-2.7.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xalan-j2-xsltc-2.7.3-1.1.s390x",
"product": {
"name": "xalan-j2-xsltc-2.7.3-1.1.s390x",
"product_id": "xalan-j2-xsltc-2.7.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xalan-j2-2.7.3-1.1.x86_64",
"product": {
"name": "xalan-j2-2.7.3-1.1.x86_64",
"product_id": "xalan-j2-2.7.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xalan-j2-demo-2.7.3-1.1.x86_64",
"product": {
"name": "xalan-j2-demo-2.7.3-1.1.x86_64",
"product_id": "xalan-j2-demo-2.7.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xalan-j2-manual-2.7.3-1.1.x86_64",
"product": {
"name": "xalan-j2-manual-2.7.3-1.1.x86_64",
"product_id": "xalan-j2-manual-2.7.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xalan-j2-xsltc-2.7.3-1.1.x86_64",
"product": {
"name": "xalan-j2-xsltc-2.7.3-1.1.x86_64",
"product_id": "xalan-j2-xsltc-2.7.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.aarch64"
},
"product_reference": "xalan-j2-2.7.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.ppc64le"
},
"product_reference": "xalan-j2-2.7.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.s390x"
},
"product_reference": "xalan-j2-2.7.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.x86_64"
},
"product_reference": "xalan-j2-2.7.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-demo-2.7.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.aarch64"
},
"product_reference": "xalan-j2-demo-2.7.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-demo-2.7.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.ppc64le"
},
"product_reference": "xalan-j2-demo-2.7.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-demo-2.7.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.s390x"
},
"product_reference": "xalan-j2-demo-2.7.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-demo-2.7.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.x86_64"
},
"product_reference": "xalan-j2-demo-2.7.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-manual-2.7.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.aarch64"
},
"product_reference": "xalan-j2-manual-2.7.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-manual-2.7.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.ppc64le"
},
"product_reference": "xalan-j2-manual-2.7.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-manual-2.7.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.s390x"
},
"product_reference": "xalan-j2-manual-2.7.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-manual-2.7.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.x86_64"
},
"product_reference": "xalan-j2-manual-2.7.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-xsltc-2.7.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.aarch64"
},
"product_reference": "xalan-j2-xsltc-2.7.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-xsltc-2.7.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.ppc64le"
},
"product_reference": "xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-xsltc-2.7.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.s390x"
},
"product_reference": "xalan-j2-xsltc-2.7.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-xsltc-2.7.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.x86_64"
},
"product_reference": "xalan-j2-xsltc-2.7.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-demo-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-manual-2.7.3-1.1.x86_64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.aarch64",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.ppc64le",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.s390x",
"openSUSE Tumbleweed:xalan-j2-xsltc-2.7.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…