Search CVE reports
71 – 80 of 243 results
Some fixes available 16 of 35
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit...
7 affected packages
openjdk-8, icedtea-web, openjdk-9, openjdk-lts, openjdk-12...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjdk-8 | Not affected | Not affected | Fixed | Fixed |
| icedtea-web | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| openjdk-9 | Not in release | Not in release | Not in release | Not in release |
| openjdk-lts | Fixed | Fixed | Fixed | Fixed |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release |
| openjdk-13 | Not in release | Not in release | Ignored | Not in release |
| openjdk-15 | Not in release | Not in release | Not in release | Not in release |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
openjdk-8, icedtea-web, openjdk-12, openjdk-6, openjdk-7...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjdk-8 | — | — | — | Not affected |
| icedtea-web | — | — | — | Not affected |
| openjdk-12 | — | — | — | Not in release |
| openjdk-6 | — | — | — | Not in release |
| openjdk-7 | — | — | — | Not in release |
| openjdk-9 | — | — | — | Not in release |
| openjdk-lts | — | — | — | Not affected |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-12, openjdk-9...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected |
| openjdk-6 | — | — | — | Not in release |
| openjdk-7 | — | — | — | Not in release |
| openjdk-12 | — | — | — | Not in release |
| openjdk-9 | — | — | — | Not in release |
| openjdk-8 | — | — | — | Fixed |
| openjdk-lts | — | — | — | Not affected |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-12, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected |
| openjdk-6 | — | — | — | Not in release |
| openjdk-7 | — | — | — | Not in release |
| openjdk-12 | — | — | — | Not in release |
| openjdk-8 | — | — | — | Fixed |
| openjdk-9 | — | — | — | Not in release |
| openjdk-lts | — | — | — | Not affected |
Some fixes available 7 of 8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to...
7 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-12, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | — | Not affected | Not affected | Not affected |
| openjdk-6 | — | Not in release | Not in release | Not in release |
| openjdk-7 | — | Not in release | Not in release | Not in release |
| openjdk-12 | — | Not in release | Not in release | Not in release |
| openjdk-8 | — | Not affected | Not affected | Fixed |
| openjdk-9 | — | Not in release | Not in release | Not in release |
| openjdk-lts | — | Not affected | Not affected | Fixed |
Some fixes available 7 of 8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable...
7 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-12, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | — | Not affected | Not affected | Not affected |
| openjdk-6 | — | Not in release | Not in release | Not in release |
| openjdk-7 | — | Not in release | Not in release | Not in release |
| openjdk-12 | — | Not in release | Not in release | Not in release |
| openjdk-8 | — | Not affected | Not affected | Fixed |
| openjdk-9 | — | Not in release | Not in release | Not in release |
| openjdk-lts | — | Not affected | Not affected | Fixed |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
6 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-8, openjdk-9, openjdk-lts
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected |
| openjdk-6 | — | — | — | Not in release |
| openjdk-7 | — | — | — | Not in release |
| openjdk-8 | — | — | — | Not affected |
| openjdk-9 | — | — | — | Not in release |
| openjdk-lts | — | — | — | Not affected |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows...
6 affected packages
openjdk-6, openjdk-7, icedtea-web, openjdk-8, openjdk-9, openjdk-lts
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjdk-6 | — | — | — | Not in release |
| openjdk-7 | — | — | — | Not in release |
| icedtea-web | — | — | — | Not affected |
| openjdk-8 | — | — | — | Not affected |
| openjdk-9 | — | — | — | Not in release |
| openjdk-lts | — | — | — | Not affected |
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be...
1 affected package
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload...
1 affected package
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedtea-web | Vulnerable | Vulnerable | Vulnerable | Vulnerable |