Search CVE reports
71 – 80 of 242 results
CVE-2020-2590
Low prioritySome fixes available 15 of 35
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit...
6 affected packages
icedtea-web, openjdk-12, openjdk-13, openjdk-8, openjdk-9, openjdk-lts
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release | Not in release |
| openjdk-13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| openjdk-8 | Not affected | Not affected | Not affected | Fixed | Fixed |
| openjdk-9 | Not in release | Not in release | Not in release | Not in release | Ignored |
| openjdk-lts | Fixed | Fixed | Fixed | Fixed | Not in release |
CVE-2020-2583
Low prioritySome fixes available 15 of 35
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit...
6 affected packages
icedtea-web, openjdk-12, openjdk-13, openjdk-8, openjdk-9, openjdk-lts
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release | Not in release |
| openjdk-13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| openjdk-8 | Not affected | Not affected | Not affected | Fixed | Fixed |
| openjdk-9 | Not in release | Not in release | Not in release | Not in release | Ignored |
| openjdk-lts | Fixed | Fixed | Fixed | Fixed | Not in release |
CVE-2019-10185
Medium priorityIt was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be...
1 affected package
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-10181
Medium priorityIt was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR....
1 affected package
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-10182
Medium priorityIt was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload...
1 affected package
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-2699
Medium priorityVulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
icedtea-web, openjdk-12, openjdk-6, openjdk-7, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected | Not affected |
| openjdk-12 | — | — | — | Not in release | Not in release |
| openjdk-6 | — | — | — | Not in release | Not in release |
| openjdk-7 | — | — | — | Not in release | Not in release |
| openjdk-8 | — | — | — | Not affected | Not affected |
| openjdk-9 | — | — | — | Not in release | Not affected |
| openjdk-lts | — | — | — | Not affected | Not in release |
CVE-2019-2698
Medium priorityVulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
icedtea-web, openjdk-12, openjdk-6, openjdk-7, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected | Not affected |
| openjdk-12 | — | — | — | Not in release | Not in release |
| openjdk-6 | — | — | — | Not in release | Not in release |
| openjdk-7 | — | — | — | Not in release | Not in release |
| openjdk-8 | — | — | — | Fixed | Fixed |
| openjdk-9 | — | — | — | Not in release | Not affected |
| openjdk-lts | — | — | — | Not affected | Not in release |
CVE-2019-2697
Medium priorityVulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access...
7 affected packages
icedtea-web, openjdk-12, openjdk-6, openjdk-7, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | Not affected | Not affected |
| openjdk-12 | — | — | — | Not in release | Not in release |
| openjdk-6 | — | — | — | Not in release | Not in release |
| openjdk-7 | — | — | — | Not in release | Not in release |
| openjdk-8 | — | — | — | Fixed | Fixed |
| openjdk-9 | — | — | — | Not in release | Not affected |
| openjdk-lts | — | — | — | Not affected | Not in release |
CVE-2019-2684
Medium prioritySome fixes available 7 of 8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to...
7 affected packages
icedtea-web, openjdk-12, openjdk-6, openjdk-7, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | Not affected | Not affected | Not affected | Not affected |
| openjdk-12 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-6 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-7 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-8 | — | Not affected | Not affected | Fixed | Fixed |
| openjdk-9 | — | Not in release | Not in release | Not in release | Not affected |
| openjdk-lts | — | Not affected | Not affected | Fixed | Not in release |
CVE-2019-2602
Low prioritySome fixes available 7 of 8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable...
7 affected packages
icedtea-web, openjdk-12, openjdk-6, openjdk-7, openjdk-8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | Not affected | Not affected | Not affected | Not affected |
| openjdk-12 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-6 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-7 | — | Not in release | Not in release | Not in release | Not in release |
| openjdk-8 | — | Not affected | Not affected | Fixed | Fixed |
| openjdk-9 | — | Not in release | Not in release | Not in release | Not affected |
| openjdk-lts | — | Not affected | Not affected | Fixed | Not in release |