Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-1890 (GCVE-0-2018-1890)
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2025-02-13 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| IBM | WebSphere Application Server Patterns |
Version: 1.0.0.0 Version: 1.0.0.7 Version: 2.2.0.0 Version: 2.2.5.3 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:14:38.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-sdk-cve20181890-code-exec(152081)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"name": "107448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107448"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere Application Server Patterns",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "1.0.0.7"
},
{
"status": "affected",
"version": "2.2.0.0"
},
{
"status": "affected",
"version": "2.2.5.3"
}
]
},
{
"product": "WebSphere Application Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "Liberty"
}
]
},
{
"defaultStatus": "affected",
"product": "Runtimes for Java Technology",
"vendor": "IBM"
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:L/AC:H/AV:L/C:L/I:L/PR:N/S:C/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T03:01:03.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-sdk-cve20181890-code-exec(152081)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"name": "107448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107448"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2018-1890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere Application Server Patterns",
"version": {
"version_data": [
{
"version_value": "1.0.0.0"
},
{
"version_value": "1.0.0.7"
},
{
"version_value": "2.2.0.0"
},
{
"version_value": "2.2.5.3"
}
]
}
},
{
"product_name": "WebSphere Application Server",
"version": {
"version_data": [
{
"version_value": "7.0"
},
{
"version_value": "8.0"
},
{
"version_value": "8.5"
},
{
"version_value": "9.0"
},
{
"version_value": "Liberty"
}
]
}
},
{
"product_name": "Runtimes for Java Technology",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "L",
"AC": "H",
"AV": "L",
"C": "L",
"I": "L",
"PR": "N",
"S": "C",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-sdk-cve20181890-code-exec(152081)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"name": "107448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107448"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1890",
"datePublished": "2019-03-11T22:00:00.000Z",
"dateReserved": "2017-12-13T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:27:18.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-1890\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2019-03-11T22:29:00.343\",\"lastModified\":\"2024-11-21T04:00:32.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.\"},{\"lang\":\"es\",\"value\":\"IBM SDK, Java Technology Edition, en su versi\u00f3n 8 en la plataforma AIX, utiliza RPATHS absolutas, lo que podr\u00eda facilitar una inyecci\u00f3n de c\u00f3digo y un escalado de privilegios por usuarios locales. IBM X-Force ID: 152081.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.4,\"impactScore\":3.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sdk:8.0:*:*:*:java_technology:*:*:*\",\"matchCriteriaId\":\"6DEFC54D-3C43-499D-8F5E-75A02E5A1DF2\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107448\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/152081\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10873042\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10873332\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10874750\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/152081\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10873042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10873332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/docview.wss?uid=ibm10874750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
ghsa-qwwq-984w-2342
Vulnerability from github
Published
2022-05-13 01:32
Modified
2022-05-13 01:32
Severity ?
VLAI Severity ?
Details
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
{
"affected": [],
"aliases": [
"CVE-2018-1890"
],
"database_specific": {
"cwe_ids": [
"CWE-427"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-11T22:29:00Z",
"severity": "HIGH"
},
"details": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.",
"id": "GHSA-qwwq-984w-2342",
"modified": "2022-05-13T01:32:32Z",
"published": "2022-05-13T01:32:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1890"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107448"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2018-1890
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-1890",
"description": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.",
"id": "GSD-2018-1890",
"references": [
"https://www.suse.com/security/cve/CVE-2018-1890.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-1890"
],
"details": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.",
"id": "GSD-2018-1890",
"modified": "2023-12-13T01:22:37.187098Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2018-1890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere Application Server Patterns",
"version": {
"version_data": [
{
"version_value": "1.0.0.0"
},
{
"version_value": "1.0.0.7"
},
{
"version_value": "2.2.0.0"
},
{
"version_value": "2.2.5.3"
}
]
}
},
{
"product_name": "WebSphere Application Server",
"version": {
"version_data": [
{
"version_value": "7.0"
},
{
"version_value": "8.0"
},
{
"version_value": "8.5"
},
{
"version_value": "9.0"
},
{
"version_value": "Liberty"
}
]
}
},
{
"product_name": "Runtimes for Java Technology",
"version": {
"version_data": [
{
"version_value": " "
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "L",
"AC": "H",
"AV": "L",
"C": "L",
"I": "L",
"PR": "N",
"S": "C",
"SCORE": "5.600",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-sdk-cve20181890-code-exec(152081)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"name": "107448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107448"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:sdk:8.0:*:*:*:java_technology:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1890"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"name": "ibm-sdk-cve20181890-code-exec(152081)",
"refsource": "XF",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"name": "107448",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107448"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-10-09T23:39Z",
"publishedDate": "2019-03-11T22:29Z"
}
}
}
suse-su-2019:0585-1
Vulnerability from csaf_suse
Published
2019-03-12 11:59
Modified
2019-03-12 11:59
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues:
Security issues fixed:
- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).
- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292).
More information: https://www-01.ibm.com/support/docview.wss?uid=ibm10873332
Patchnames
SUSE-2019-585,SUSE-SLE-Module-Legacy-15-2019-585
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues:\n\nSecurity issues fixed: \t \n\n- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).\n- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).\n- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).\n- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292). \n\nMore information: https://www-01.ibm.com/support/docview.wss?uid=ibm10873332\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-585,SUSE-SLE-Module-Legacy-15-2019-585",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0585-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0585-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190585-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0585-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190585-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1122292",
"url": "https://bugzilla.suse.com/1122292"
},
{
"category": "self",
"summary": "SUSE Bug 1122293",
"url": "https://bugzilla.suse.com/1122293"
},
{
"category": "self",
"summary": "SUSE Bug 1122299",
"url": "https://bugzilla.suse.com/1122299"
},
{
"category": "self",
"summary": "SUSE Bug 1128158",
"url": "https://bugzilla.suse.com/1128158"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11212 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1890 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2422 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2449 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2449/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2019-03-12T11:59:13Z",
"generator": {
"date": "2019-03-12T11:59:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0585-1",
"initial_release_date": "2019-03-12T11:59:13Z",
"revision_history": [
{
"date": "2019-03-12T11:59:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-3.16.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11212"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11212",
"url": "https://www.suse.com/security/cve/CVE-2018-11212"
},
{
"category": "external",
"summary": "SUSE Bug 1122299 for CVE-2018-11212",
"url": "https://bugzilla.suse.com/1122299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-12T11:59:13Z",
"details": "low"
}
],
"title": "CVE-2018-11212"
},
{
"cve": "CVE-2018-1890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1890"
}
],
"notes": [
{
"category": "general",
"text": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1890",
"url": "https://www.suse.com/security/cve/CVE-2018-1890"
},
{
"category": "external",
"summary": "SUSE Bug 1128158 for CVE-2018-1890",
"url": "https://bugzilla.suse.com/1128158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-12T11:59:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-1890"
},
{
"cve": "CVE-2019-2422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2422"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2422",
"url": "https://www.suse.com/security/cve/CVE-2019-2422"
},
{
"category": "external",
"summary": "SUSE Bug 1122293 for CVE-2019-2422",
"url": "https://bugzilla.suse.com/1122293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-12T11:59:13Z",
"details": "low"
}
],
"title": "CVE-2019-2422"
},
{
"cve": "CVE-2019-2449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2449"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2449",
"url": "https://www.suse.com/security/cve/CVE-2019-2449"
},
{
"category": "external",
"summary": "SUSE Bug 1122292 for CVE-2019-2449",
"url": "https://bugzilla.suse.com/1122292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16.2.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-12T11:59:13Z",
"details": "low"
}
],
"title": "CVE-2019-2449"
}
]
}
suse-su-2019:0617-1
Vulnerability from csaf_suse
Published
2019-03-15 12:14
Modified
2019-03-15 12:14
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues:
Security issues fixed:
- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).
- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292).
More information: https://www-01.ibm.com/support/docview.wss?uid=ibm10873332
Patchnames
SUSE-2019-617,SUSE-OpenStack-Cloud-7-2019-617,SUSE-SLE-SAP-12-SP1-2019-617,SUSE-SLE-SAP-12-SP2-2019-617,SUSE-SLE-SDK-12-SP3-2019-617,SUSE-SLE-SDK-12-SP4-2019-617,SUSE-SLE-SERVER-12-SP1-2019-617,SUSE-SLE-SERVER-12-SP2-2019-617,SUSE-SLE-SERVER-12-SP2-BCL-2019-617,SUSE-SLE-SERVER-12-SP3-2019-617,SUSE-SLE-SERVER-12-SP4-2019-617,SUSE-Storage-4-2019-617
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).\n- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).\n- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).\n- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292). \n\nMore information: https://www-01.ibm.com/support/docview.wss?uid=ibm10873332\t \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-617,SUSE-OpenStack-Cloud-7-2019-617,SUSE-SLE-SAP-12-SP1-2019-617,SUSE-SLE-SAP-12-SP2-2019-617,SUSE-SLE-SDK-12-SP3-2019-617,SUSE-SLE-SDK-12-SP4-2019-617,SUSE-SLE-SERVER-12-SP1-2019-617,SUSE-SLE-SERVER-12-SP2-2019-617,SUSE-SLE-SERVER-12-SP2-BCL-2019-617,SUSE-SLE-SERVER-12-SP3-2019-617,SUSE-SLE-SERVER-12-SP4-2019-617,SUSE-Storage-4-2019-617",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0617-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0617-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190617-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0617-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005195.html"
},
{
"category": "self",
"summary": "SUSE Bug 1122292",
"url": "https://bugzilla.suse.com/1122292"
},
{
"category": "self",
"summary": "SUSE Bug 1122293",
"url": "https://bugzilla.suse.com/1122293"
},
{
"category": "self",
"summary": "SUSE Bug 1122299",
"url": "https://bugzilla.suse.com/1122299"
},
{
"category": "self",
"summary": "SUSE Bug 1128158",
"url": "https://bugzilla.suse.com/1128158"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11212 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1890 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2422 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2449 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2449/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2019-03-15T12:14:42Z",
"generator": {
"date": "2019-03-15T12:14:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0617-1",
"initial_release_date": "2019-03-15T12:14:42Z",
"revision_history": [
{
"date": "2019-03-15T12:14:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr5.30-30.46.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11212"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11212",
"url": "https://www.suse.com/security/cve/CVE-2018-11212"
},
{
"category": "external",
"summary": "SUSE Bug 1122299 for CVE-2018-11212",
"url": "https://bugzilla.suse.com/1122299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-15T12:14:42Z",
"details": "low"
}
],
"title": "CVE-2018-11212"
},
{
"cve": "CVE-2018-1890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1890"
}
],
"notes": [
{
"category": "general",
"text": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1890",
"url": "https://www.suse.com/security/cve/CVE-2018-1890"
},
{
"category": "external",
"summary": "SUSE Bug 1128158 for CVE-2018-1890",
"url": "https://bugzilla.suse.com/1128158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-15T12:14:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-1890"
},
{
"cve": "CVE-2019-2422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2422"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2422",
"url": "https://www.suse.com/security/cve/CVE-2019-2422"
},
{
"category": "external",
"summary": "SUSE Bug 1122293 for CVE-2019-2422",
"url": "https://bugzilla.suse.com/1122293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-15T12:14:42Z",
"details": "low"
}
],
"title": "CVE-2019-2422"
},
{
"cve": "CVE-2019-2449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2449"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2449",
"url": "https://www.suse.com/security/cve/CVE-2019-2449"
},
{
"category": "external",
"summary": "SUSE Bug 1122292 for CVE-2019-2449",
"url": "https://bugzilla.suse.com/1122292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Enterprise Storage 4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.s390x",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46.1.x86_64",
"SUSE OpenStack Cloud 7:java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-15T12:14:42Z",
"details": "low"
}
],
"title": "CVE-2019-2449"
}
]
}
CERTFR-2019-AVI-251
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.3.0 à 7.3.2 Patch 1 | ||
| IBM | WebSphere | WebSphere Application Server Liberty | ||
| IBM | WebSphere | WebSphere Application Server version 8.5 | ||
| IBM | WebSphere | WebSphere Extreme Scale versions 8.6. | ||
| IBM | WebSphere | WebSphere Application Server version 9.0 | ||
| IBM | WebSphere | WebSphere Extreme Scale version 8.6.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions 7.3.0 \u00e0 7.3.2 Patch 1",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server version 8.5",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Extreme Scale versions 8.6.",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server version 9.0",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Extreme Scale version 8.6.0",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0199",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0199"
},
{
"name": "CVE-2019-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2602"
},
{
"name": "CVE-2019-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2426"
},
{
"name": "CVE-2019-0220",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0220"
},
{
"name": "CVE-2018-1890",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1890"
},
{
"name": "CVE-2018-12547",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12547"
},
{
"name": "CVE-2019-2684",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2684"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
}
],
"initial_release_date": "2019-06-06T00:00:00",
"last_revision_date": "2019-06-06T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-251",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-06-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10883180 du 04 juin 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10883180"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10886317 du 31 mai 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10886317"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10882256 du 04 juin 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10882256"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10884066 du 31 mai 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10884066"
}
]
}
CERTFR-2021-AVI-536
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM InfoSphere. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "InfoSphere Data Replication versions 11.4 sans le dernier correctif",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "InfoSphere Data Replication versions 11.3.3 sans le dernier correctif",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "InfoSphere Data Replication versions 11.4.0 sans le dernier correctif",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-4732"
},
{
"name": "CVE-2019-4473",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-4473"
},
{
"name": "CVE-2019-11771",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11771"
},
{
"name": "CVE-2018-1890",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1890"
},
{
"name": "CVE-2018-12547",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12547"
}
],
"initial_release_date": "2021-07-16T00:00:00",
"last_revision_date": "2021-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-536",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM InfoSphere.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM InfoSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6472905 du 14 juillet 2021",
"url": "https://www.ibm.com/support/pages/node/6472905"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6472799 du 14 juillet 2021",
"url": "https://www.ibm.com/support/pages/node/6472799"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6472907 du 14 juillet 2021",
"url": "https://www.ibm.com/support/pages/node/6472907"
}
]
}
cnvd-2019-07363
Vulnerability from cnvd
Title
IBM SDK, Java Technology Edition信息泄露漏洞
Description
IBM SDK, Java Technology Edition是美国IBM公司的一款用于Java应用程序开发的软件开发工具包。
基于AIX平台的IBM SDK, Java Technology Edition 8版本中存在安全漏洞。本地攻击者可利用该漏洞注入代码并提升权限。
Severity
低
VLAI Severity ?
Patch Name
IBM SDK, Java Technology Edition信息泄露漏洞的补丁
Patch Description
IBM SDK, Java Technology Edition是美国IBM公司的一款用于Java应用程序开发的软件开发工具包。
基于AIX平台的IBM SDK, Java Technology Edition 8版本中存在安全漏洞。本地攻击者可利用该漏洞注入代码并提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: http://www.ibm.com/support/docview.wss?uid=ibm10873332
Reference
http://www.ibm.com/support/docview.wss?uid=ibm10873332
https://www.securityfocus.com/bid/107300
Impacted products
| Name | ['Sun Microsystems, Inc. SDK 8', 'IBM Java Technology Edition 8'] |
|---|
{
"cves": {
"cve": [
{
"cveNumber": "CVE-2018-1890",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1890"
},
{
"cveNumber": "107300"
}
]
},
"description": "IBM SDK, Java Technology Edition\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8eJava\u5e94\u7528\u7a0b\u5e8f\u5f00\u53d1\u7684\u8f6f\u4ef6\u5f00\u53d1\u5de5\u5177\u5305\u3002\n\n\u57fa\u4e8eAIX\u5e73\u53f0\u7684IBM SDK, Java Technology Edition 8\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4ee3\u7801\u5e76\u63d0\u5347\u6743\u9650\u3002",
"discovererName": "IBM",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.ibm.com/support/docview.wss?uid=ibm10873332",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-07363",
"openTime": "2019-03-17",
"patchDescription": "IBM SDK, Java Technology Edition\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8eJava\u5e94\u7528\u7a0b\u5e8f\u5f00\u53d1\u7684\u8f6f\u4ef6\u5f00\u53d1\u5de5\u5177\u5305\u3002\r\n\r\n\u57fa\u4e8eAIX\u5e73\u53f0\u7684IBM SDK, Java Technology Edition 8\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4ee3\u7801\u5e76\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "IBM SDK, Java Technology Edition\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Sun Microsystems, Inc. SDK 8",
"IBM Java Technology Edition 8"
]
},
"referenceLink": "http://www.ibm.com/support/docview.wss?uid=ibm10873332\r\nhttps://www.securityfocus.com/bid/107300",
"serverity": "\u4f4e",
"submitTime": "2019-03-06",
"title": "IBM SDK, Java Technology Edition\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
fkie_cve-2018-1890
Vulnerability from fkie_nvd
Published
2019-03-11 22:29
Modified
2024-11-21 04:00
Severity ?
5.6 (Medium) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | http://www.securityfocus.com/bid/107448 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/152081 | VDB Entry, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/docview.wss?uid=ibm10873042 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/docview.wss?uid=ibm10873332 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/docview.wss?uid=ibm10874750 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107448 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/152081 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/docview.wss?uid=ibm10873042 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/docview.wss?uid=ibm10873332 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/docview.wss?uid=ibm10874750 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sdk:8.0:*:*:*:java_technology:*:*:*",
"matchCriteriaId": "6DEFC54D-3C43-499D-8F5E-75A02E5A1DF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
},
{
"lang": "es",
"value": "IBM SDK, Java Technology Edition, en su versi\u00f3n 8 en la plataforma AIX, utiliza RPATHS absolutas, lo que podr\u00eda facilitar una inyecci\u00f3n de c\u00f3digo y un escalado de privilegios por usuarios locales. IBM X-Force ID: 152081."
}
],
"id": "CVE-2018-1890",
"lastModified": "2024-11-21T04:00:32.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 3.7,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T22:29:00.343",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107448"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201903-1183
Vulnerability from variot
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081. Vendors have confirmed this vulnerability IBM X-Force ID: 152081 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Java SDK is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to inject and execute arbitrary-code with elevated privileges. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.0.10.35 and previous versions, 7.1.4.35 and previous versions, 8.0.5.27 and previous versions used by IBM® Db2®
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1183",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "java technology edition 8"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.5.3"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.7"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.5"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.4"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.3"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.2"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"model": "websphere application server patterns",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.0"
},
{
"model": "websphere application server liberty",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "19.0.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.10"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.15"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.14"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.13"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.12"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.11"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.10"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "java sdk sr5 fp20",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"model": "java sdk sr3 fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"model": "java sdk sr2 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"model": "java sdk sr1-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"model": "java sdk sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "857"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8527"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8520"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8515"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8510"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "845"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "842"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8310"
},
{
"model": "java sdk sr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "83"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8214"
},
{
"model": "java sdk sr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "82"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8110"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "811"
},
{
"model": "java sdk 7r1 sr3-fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr3 fp50",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr3 fp40",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr3 fp30",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr2-fp10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "45"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "435"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "430"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "425"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "420"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "415"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "340"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "320"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "310"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31"
},
{
"model": "java sdk sr9-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr9 fp50",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr9 fp40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr9 fp30",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr8-fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr4-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr10 fp30",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7950"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7940"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7932"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7920"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7910"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "791"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7105"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71035"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71030"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71025"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71020"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "71015"
},
{
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7101"
},
{
"model": "java sdk sr fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8530"
},
{
"model": "java sdk 7r1 sr fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "440"
},
{
"model": "java sdk sr fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "71040"
}
],
"sources": [
{
"db": "BID",
"id": "107448"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:sdk",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM",
"sources": [
{
"db": "BID",
"id": "107448"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
}
],
"trust": 0.9
},
"cve": "CVE-2018-1890",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1890",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-1890",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.4,
"id": "CVE-2018-1890",
"impactScore": 3.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1890",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1890",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1890",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-037",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1890",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081. Vendors have confirmed this vulnerability IBM X-Force ID: 152081 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Java SDK is prone to a local privilege-escalation vulnerability. \nAn attackers may exploit this issue to inject and execute arbitrary-code with elevated privileges. There are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Version 7.0.10.35 and previous versions, 7.1.4.35 and previous versions, 8.0.5.27 and previous versions used by IBM\u00ae Db2\u00ae",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1890"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "BID",
"id": "107448"
},
{
"db": "VULMON",
"id": "CVE-2018-1890"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1890",
"trust": 2.8
},
{
"db": "BID",
"id": "107448",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.0665",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4753",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4295",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4779",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0698",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0725",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-1890",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"db": "BID",
"id": "107448"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"id": "VAR-201903-1183",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.81666666
},
"last_update_date": "2024-11-23T20:34:01.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0873042",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"title": "0873332",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"title": "0874750",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"title": "ibm-sdk-cve20181890-code-exec (152081)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"title": "IBM SDK, Java Technology Edition Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89727"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7df27f21521e8913950ff1f7b8d88a69"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=84bafff922d0eb19dfb19aae2753434e"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=57aa38652c67bd21b9c5cdf04eec256a"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-12547, CVE-2018-1890)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=35cd9a5a741834b4083a02e5d8260b1b"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5043c97306b264db74a4faf561f0f833"
},
{
"title": "IBM: IBM Security Bulletin: Java Vulnerability Affects IBM Connect:Direct Web Services (CVE-2018-1890)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=eb53a4067b87619cbb4cd3c81553ec31"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer, Watson Content Analytics and Watson Explorer Content Analytics Studio (CVE-2018-1890, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=6794b0d0f0f0a169fa7d9e6b389dd041"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Security Directory Integrator (CVE-2018-2800, CVE-2018-2783)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=adfbfefbebb42af7e6be998453a66abe"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547) Security Bulletin",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d8f2c31b775ff248769a86d27d63ae0c"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Digital Payments",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c85bd6aa0d403c5674231f5e63000421"
},
{
"title": "IBM: IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2018-1890, CVE-2018-3180)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2531ad7e366a9144cdff05a094c6e523"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c6ed8e66aa78a1fd623b7a6e84d81a4b"
},
{
"title": "IBM: IBM Security Bulletin: Security Bulletin: Multiple vulnerabilities in current releases of the IBM\u00ae SDK, Java\u2122 Technology Edition affect IBM Tivoli Network Manager IP Edition (CVE-2018-1890, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a90922b26b6812a8b91f9d51f1e586fe"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM\u00ae SDK, Java\u2122 Technology Edition affect IBM Tivoli Netcool Configuration Manager (CVE-2018-1890, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1703c661e24351a88543d92dc49eba4f"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM\u00ae Db2\u00ae.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=781b249f2976243583f8a9e3ed2bfb45"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 \u0026 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c9a0886f49ec96e043a06aed1f1c535c"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a4b188c87bea41b26a4989bd973fe4f4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f29d802129fdc02608b82bac9a82becb"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=3848baff8cf97df18a25a0f7eda133ab"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect for Enterprise Resource Planning (CVE-2018-1890, CVE-2018-12547)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c4818cbb52f0790e8cbba2379f01e398"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2018-1890, CVE-2018-12547)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=98e506f52751c8434817ab602eff3fbe"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct File Agent",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e2f818c213e1a981b384dfd0613ffff6"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager January 2019 CPU (CVE-2018-1890, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=81834b52c609f25e35436a1cb27b0caf"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct FTP+",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=34b0c1cd43f40bd3556992c2bdae0057"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Algo Credit Manager",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=943c5827df35ce6856e7d0b3cee0302e"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in the Java runtime environment that IBM provides affect WebSphere eXtreme Scale",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=73571a68396629ac4aa649c9de30bda4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=41f4c5bed2fcb4588c3a657a459185b6"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest (CVE-2018-1890, CVE-2018-12547, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=028395c845b37e3bc7d1e044cb15d3b7"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1b8a07abf5f84208679bd69349e3471e"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c38c2e74fa8717026c8b8429cbb12350"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server January 2019 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bc1514031d07999c438c0782b0724446"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Web Experience Factory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e2df9612fa5da638915af9274a9b0d20"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2c02bf8350248b67370b255546456290"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c202b30c26078c26fced3234f00f2268"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM\u00ae Java SDK affects WebSphere Application Server January 2019 CPU that is bundled with IBM WebSphere Application Server Patterns",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d24fe149635464add9adb6081441b23b"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM\u00ae Java SDK affect Liberty for Java for IBM Cloud January 2019 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ac2faaa8b676c29b6ce65b0e68e06501"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2018-1890, CVE-2018-12547, CVE-2019-2426)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ec5948415299737dbfa5f830dc9bf9e5"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4b563f46d12c9db19e3bc6de5e0cd1d9"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7a40046f1faafa441c30ce0d2ae0ac36"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e45909b20430a86cd2441039d65d24e7"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=64a690552b3d34d6f9a6c67ea4c7d6a9"
},
{
"title": "IBM: IBM Security Bulletin: Security Vulnerabilities in IBM\u00ae Java SDK affect multiple IBM Rational products based on IBM Jazz technology Jan 2019 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=52ffbf27615a00d90fdcb0e7f8661dfe"
},
{
"title": "IBM: IBM Security Bulletin: A security vulnerability has been identified in IBM Java Runtime which affects DataQuant for z/OS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b23ab3321243eea7d3774210e8c56ad2"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in IBM Java SDK (January 2019) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=de992c993e39a3a54c5a0d20ca8b2f74"
},
{
"title": "IBM: IBM Security Bulletin: There are multiple vulnerabilities in IBM\u00ae SDK Java\u2122 Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d80b5770d7fe869c8738629c94a9a04d"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities may affect IBM\u00ae SDK, Java\u2122 Technology Edition",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d20b685929d47000f40b57ae0bcc15b7"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bd0c9faa00e32c2b2e13bc94e4ea342f"
},
{
"title": "IBM: IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM License Key Server Administration and Reporting Tool and Agent",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f3d2a4d089c47c18ae3573ce12f4dcff"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Build Forge (CVE-2018-1890;CVE-2019-2426;CVE-2018-3139;CVE-2018-3180;CVE-2018-12547)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=99e16d50b113c70d5a0b12b364e8bd14"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2f24cf59a50d3d48270ced0439b54ab3"
},
{
"title": "IBM: IBM Security Bulletin: A security vulnerability has been identified in IBM Java Runtime could affect DB2 Query Management Facility (CVE-2018-12547, CVE-2019-2426, CVE-2018-1890, CVE-2018-12549, CVE-2018-11212)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d84d9e54d8abf6a064b838c58e37586f"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bfa0c11353f7afb7085210c7058bdd34"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Netcool Agile Service Manager",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=49f4f442ae4bd0c2ee6439d30ef5f688"
},
{
"title": "IBM: IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU \u2013 Jan 2019 \u2013 Includes Oracle Jan 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=06cb384eddb358315c180dc6e5d5454c"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM API Connect",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2395b7e2b6feec79a12300ef7968e02f"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=477fcfaeb0fc747ebdc6f774a151ff59"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=55eab73b682b0564b71c9bcd8dd67137"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Application Dependency Discovery Manager (TADDM)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=964bd4c200d925f5deebfc67866cd7a9"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Identity Governance and Intelligence",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1853dff5a9c75ba89da15ca324022ef6"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ba7411e3d867dbb1cbcb07b8bda582d4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=72bb5fc91cb82824951379e8309ac3eb"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple security vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=8580d3cd770371e2ef0f68ca624b80b0"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=dd8c9d5928cc3b1ac8c35b4b24703e38"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/107448"
},
{
"trust": 2.3,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1890"
},
{
"trust": 0.9,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"trust": 0.9,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1890"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1142626"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76678"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76434"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76566"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4779/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4753/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-java-privilege-escalation-via-rpath-28666"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1138588"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4295/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1118799"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-replication-affected-by-multiple-vulnerabilities-in-ibm-java-sdk/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1103337"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10875132"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873332"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/427.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-financial-transaction-manager-for-ach-services-for-multi-platform/"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-ibm-db2-4/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"db": "BID",
"id": "107448"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"db": "BID",
"id": "107448"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"date": "2019-03-05T00:00:00",
"db": "BID",
"id": "107448"
},
{
"date": "2019-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"date": "2019-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"date": "2019-03-11T22:29:00.343000",
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1890"
},
{
"date": "2019-03-05T00:00:00",
"db": "BID",
"id": "107448"
},
{
"date": "2019-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002414"
},
{
"date": "2021-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-037"
},
{
"date": "2024-11-21T04:00:32.843000",
"db": "NVD",
"id": "CVE-2018-1890"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "107448"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM SDK, Java Technology Edition Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002414"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-037"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…