Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-40609 (GCVE-0-2022-40609)
Vulnerability from cvelistv5
Published
2023-08-02 14:21
Modified
2024-10-17 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | SDK, Java Technology Edition |
Version: 7.1.5.18, 8.0.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T18:51:14.953658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T18:51:39.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SDK, Java Technology Edition",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1.5.18, 8.0.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069."
}
],
"value": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-02T14:21:51.701Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM SDK, Java Technology Edition code execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2022-40609",
"datePublished": "2023-08-02T14:21:51.701Z",
"dateReserved": "2022-09-12T19:35:30.248Z",
"dateUpdated": "2024-10-17T18:51:39.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-40609\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2023-08-02T15:15:09.833\",\"lastModified\":\"2024-11-21T07:21:43.020\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.\"},{\"lang\":\"es\",\"value\":\"IBM SDK Java Technology Edition 7.1.5.18 y 8.0.8.0 podr\u00eda permitir a un atacante remoto ejecutar c\u00f3digo arbitrario en el sistema, debido a un fallo de deserializaci\u00f3n inseguro. Mediante el env\u00edo de datos especialmente dise\u00f1ados, un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema. ID de IBM X-Force: 236069. \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*\",\"versionEndExcluding\":\"7.1.5.19\",\"matchCriteriaId\":\"3DB46437-1714-4E42-A63F-CA2415164CE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndExcluding\":\"8.0.8.5\",\"matchCriteriaId\":\"59973F35-EB35-4E62-A91A-1D6D0E2693EB\"}]}]}],\"references\":[{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/pages/node/7017032\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.ibm.com/support/pages/node/7017032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7017032\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069\", \"tags\": [\"vdb-entry\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T12:21:46.488Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-40609\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-17T18:51:14.953658Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-17T18:51:33.959Z\"}}], \"cna\": {\"title\": \"IBM SDK, Java Technology Edition code execution\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"IBM\", \"product\": \"SDK, Java Technology Edition\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1.5.18, 8.0.8.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7017032\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069\", \"tags\": [\"vdb-entry\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"shortName\": \"ibm\", \"dateUpdated\": \"2023-08-02T14:21:51.701Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-40609\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-17T18:51:39.988Z\", \"dateReserved\": \"2022-09-12T19:35:30.248Z\", \"assignerOrgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"datePublished\": \"2023-08-02T14:21:51.701Z\", \"assignerShortName\": \"ibm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0113
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling File Gateway version 6.1.x antérieures à 6.1.2.4 | ||
| IBM | Sterling | Sterling B2B Integrator version 6.0.x antérieures à 6.0.3.9 | ||
| IBM | MaaS360 | MaaS360 Cloud Extender Agent versions antérieures à 3.000.300.025 | ||
| IBM | MaaS360 | MaaS360 Mobile Enterprise Gateway versions antérieures à 3.000.400 | ||
| IBM | Sterling | Sterling File Gateway version 6.0.x antérieures à 6.0.3.9 | ||
| IBM | QRadar | QRadar Pulse App versions antérieures à 2.2.12 | ||
| IBM | Sterling | Sterling B2B Integrator version 6.1.x antérieures à 6.1.2.4 | ||
| IBM | MaaS360 | MaaS360 VPN versions antérieures à 3.000.400 | ||
| IBM | Sterling | Sterling Transformation Extender versions 10.1.0, 10.1.1, 10.1.2 et 11.0.0 sans le correctif de sécurité APAR PH58718 | ||
| IBM | Sterling Control Center | Sterling Control Center versions antérieures à 6.3.0.0 iFix04 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling File Gateway version 6.1.x ant\u00e9rieures \u00e0 6.1.2.4",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator version 6.0.x ant\u00e9rieures \u00e0 6.0.3.9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 Cloud Extender Agent versions ant\u00e9rieures \u00e0 3.000.300.025",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 Mobile Enterprise Gateway versions ant\u00e9rieures \u00e0 3.000.400",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling File Gateway version 6.0.x ant\u00e9rieures \u00e0 6.0.3.9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.12",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator version 6.1.x ant\u00e9rieures \u00e0 6.1.2.4",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 VPN versions ant\u00e9rieures \u00e0 3.000.400",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 10.1.0, 10.1.1, 10.1.2 et 11.0.0 sans le correctif de s\u00e9curit\u00e9 APAR PH58718",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions ant\u00e9rieures \u00e0 6.3.0.0 iFix04",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-46308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
},
{
"name": "CVE-2010-3300",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3300"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-46849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46849"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-34396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34396"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2023-34149",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34149"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-46850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46850"
}
],
"initial_release_date": "2024-02-09T00:00:00",
"last_revision_date": "2024-02-09T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0113",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et\nun d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116082 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116082"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7115287 du 06 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7115287"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7114777 du 05 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7114777"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116078 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116078"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116073 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116073"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116050 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116050"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116376 du 09 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116376"
}
]
}
CERTFR-2023-AVI-0719
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.2.0.x antérieures à 6.2.0.19 | ||
| IBM | Sterling | IBM Sterling Connect Direct Browser User Interface versions 1.4.1.1 et 1.5.0.2 antérieures à 1.5.0.2.iFix38 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.3 | ||
| IBM | N/A | IBM Connect:Direct Web Services versions 6.1.0.x antérieures à 6.1.0.20 | ||
| IBM | QRadar WinCollect Agent | QRadar WinCollect Agent versions 10.x.x antérieures à 10.1.7 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.19",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect Direct Browser User Interface versions 1.4.1.1 et 1.5.0.2 ant\u00e9rieures \u00e0 1.5.0.2.iFix38",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.3",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Connect:Direct Web Services versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.20",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar WinCollect Agent versions 10.x.x ant\u00e9rieures \u00e0 10.1.7",
"product": {
"name": "QRadar WinCollect Agent",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-38736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38736"
}
],
"initial_release_date": "2023-09-07T00:00:00",
"last_revision_date": "2023-09-07T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0719",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et\nune ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7030703 du 05 septembre 2023",
"url": "https://www.ibm.com/support/pages/node/7030703"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7030443 du 03 septembre 2023",
"url": "https://www.ibm.com/support/pages/node/7030443"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7030442 du 03 septembre 2023",
"url": "https://www.ibm.com/support/pages/node/7030442"
}
]
}
CERTFR-2023-AVI-0839
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | IBM Sterling Order Management versions 10.0.x antérieures à 10.0.2309.0 | ||
| IBM | N/A | IBM Db2 on Cloud Pak for Data versions 3.5, 4.0, 4.5, 4.6, 4.7 antérieures à 4.7 Refresh 3 | ||
| IBM | Db2 | IBM Db2 versions 10.5.0.x sans les derniers correctifs de sécurité | ||
| IBM | Db2 | IBM Db2 versions 11.1.4.x sans les derniers correctifs de sécurité | ||
| IBM | Db2 | IBM Db2 REST versions 1.0.0.121-amd64 à 1.0.0.276-amd64 antérieures à 1.0.0.291-amd64 | ||
| IBM | N/A | IBM Db2 Warehouse on Cloud Pak for Data versions 3.5, 4.0, 4.5, 4.6, 4.7 antérieures à 4.7 Refresh 3 | ||
| IBM | Db2 | IBM Db2 versions 11.5.x sans les derniers correctifs de sécurité | ||
| IBM | QRadar | IBM QRadar Network Packet Capture versions 7.5.x antérieures à 7.5.0 UP6 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Order Management versions 10.0.x ant\u00e9rieures \u00e0 10.0.2309.0",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 on Cloud Pak for Data versions 3.5, 4.0, 4.5, 4.6, 4.7 ant\u00e9rieures \u00e0 4.7 Refresh 3",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 10.5.0.x sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.1.4.x sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 REST versions 1.0.0.121-amd64 \u00e0 1.0.0.276-amd64 ant\u00e9rieures \u00e0 1.0.0.291-amd64",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Warehouse on Cloud Pak for Data versions 3.5, 4.0, 4.5, 4.6, 4.7 ant\u00e9rieures \u00e0 4.7 Refresh 3",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.5.x sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Network Packet Capture versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP6",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2023-32697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32697"
},
{
"name": "CVE-2023-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2023-29256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29256"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2023-30431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30431"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-35012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35012"
},
{
"name": "CVE-2023-30443",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30443"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2023-27869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27869"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"name": "CVE-2023-32342",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32342"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-30446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30446"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2023-29007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29007"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2023-27868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27868"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2023-20867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20867"
},
{
"name": "CVE-2023-28709",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28709"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2023-30445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30445"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2023-30447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30447"
},
{
"name": "CVE-2023-30442",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30442"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-30441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30441"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2023-27867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27867"
},
{
"name": "CVE-2023-34396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34396"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2023-39976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-30448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30448"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2022-48339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48339"
},
{
"name": "CVE-2023-27558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27558"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2023-34981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34981"
},
{
"name": "CVE-2023-30449",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30449"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2023-30994",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30994"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-25652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25652"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-23487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23487"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-40367",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40367"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2023-34149",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34149"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2023-10-13T00:00:00",
"last_revision_date": "2023-10-13T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0839",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7047565 du 06 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7047565"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7049129 du 10 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7049129"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7047481 du 06 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7047481"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7049434 du 10 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7049434"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7047499 du 06 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7047499"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7047754 du 06 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7047754"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7049133 du 10 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7049133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7047724 du 06 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7047724"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7049435 du 10 octobre 2023",
"url": "https://www.ibm.com/support/pages/node/7049435"
}
]
}
CERTFR-2023-AVI-0705
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | IBM Sterling Secure Proxy versions versions antérieures à 6.0.3 sans le correctif de sécurité iFix08 | ||
| IBM | Sterling | IBM Sterling External Authentication Server versions antérieures à 6.0.3 sans le correctif de sécurité iFix 08 | ||
| IBM | Sterling | IBM Sterling Secure Proxy versions versions antérieures à 6.1.0 sans le correctif de sécurité GA | ||
| IBM | QRadar User Behavior Analytics | IBM QRadar User Behavior Analytics versions antérieures à 4.1.13 | ||
| IBM | Tivoli Monitoring | IBM Tivoli Monitoring versions 6.x.x antérieures à 6.3.0.7 Plus Service Pack 5 | ||
| IBM | Cloud Pak | IBM Cognos Dashboards on Cloud Pak for Data versions 4.7.x antérieures à 4.7.2 | ||
| IBM | Sterling | IBM Sterling External Authentication Server versions antérieures à 6.1.0 sans le correctif de sécurité iFix 04 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Secure Proxy versions versions ant\u00e9rieures \u00e0 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix08",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 08",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Secure Proxy versions versions ant\u00e9rieures \u00e0 6.1.0 sans le correctif de s\u00e9curit\u00e9 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 4.1.13",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Tivoli Monitoring versions 6.x.x ant\u00e9rieures \u00e0 6.3.0.7 Plus Service Pack 5",
"product": {
"name": "Tivoli Monitoring",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Dashboards on Cloud Pak for Data versions 4.7.x ant\u00e9rieures \u00e0 4.7.2",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 04",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"name": "CVE-2023-32697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32697"
},
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2020-28498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28498"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-27554",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27554"
},
{
"name": "CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"name": "CVE-2023-32342",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32342"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-39161",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39161"
},
{
"name": "CVE-2021-43803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43803"
},
{
"name": "CVE-2022-32222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32222"
},
{
"name": "CVE-2023-24966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24966"
},
{
"name": "CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-26920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26920"
},
{
"name": "CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"name": "CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"name": "CVE-2023-35890",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35890"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"name": "CVE-2021-3803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2023-29261",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29261"
},
{
"name": "CVE-2021-37699",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37699"
},
{
"name": "CVE-2023-34104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34104"
},
{
"name": "CVE-2022-45685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45685"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"name": "CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22874"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"name": "CVE-2023-32338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32338"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
}
],
"initial_release_date": "2023-09-01T00:00:00",
"last_revision_date": "2023-09-01T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0705",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7029765 du 31 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7029765"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7029766 du 31 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7029766"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7027925 du 31 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7027925"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7029732 du 31 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7029732"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7029864 du 31 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7029864"
}
]
}
CERTFR-2024-AVI-0180
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 Fix Pack 3 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 8 | ||
| IBM | AIX | AIX versions 7.2 et 7.3 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.2 | ||
| IBM | WebSphere | Websphere Liberty versions antérieures à 23.0.0.12 | ||
| IBM | VIOS | VIOS versions 3.1 et 4.1 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cloud Pak | Cognos Dashboards on Cloud Pak for Data versions antérieures à 4.8.3 | ||
| IBM | N/A | Cognos Command Center versions antérieures à 10.2.5 IF1 | ||
| IBM | Cognos Transformer | Cognos Transformer versions antérieures à 11.1.7 Fix Pack 8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.2 et 7.3 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Websphere Liberty versions ant\u00e9rieures \u00e0 23.0.0.12",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS versions 3.1 et 4.1 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.3",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 IF1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer versions ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38359"
},
{
"name": "CVE-2021-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2023-50324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50324"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-32344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32344"
},
{
"name": "CVE-2023-43051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43051"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2012-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5784"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2021-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2018-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8032"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-28167",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28167"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2010-2084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2084"
},
{
"name": "CVE-2019-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0227"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-34357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34357"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2014-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3596"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2022-34165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34165"
},
{
"name": "CVE-2023-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30996"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
}
],
"initial_release_date": "2024-03-01T00:00:00",
"last_revision_date": "2024-03-01T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0180",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112541 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112541"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125640 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7124466 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7124466"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112504 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125461 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125461"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7123154 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7123154"
}
]
}
CERTFR-2023-AVI-0630
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans IBM WebSphere. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Application Server versions 9.0 sans le correctif de s\u00e9curit\u00e9 du kit de d\u00e9veloppement logiciel (SDK) JTE version 8 Service Refresh 8 FP5",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.5.24",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
}
],
"initial_release_date": "2023-08-08T00:00:00",
"last_revision_date": "2023-08-08T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0630",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-08-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans IBM WebSphere. Elle permet \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans IBM WebSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7022475 du 07 ao\u00fbt 2023",
"url": "https://www.ibm.com/support/pages/node/7022475"
}
]
}
CERTFR-2024-AVI-0228
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.2_iFix012 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.0 sans le correctif de sécurité iFix 03 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.3 sans le correctif de sécurité iFix 11 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.2.x antérieures à 6.2.2.2 sans le dernier correctif de sécurité | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF06 | ||
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x antérieures à 6.2.0.6_iFix012 | ||
| IBM | Db2 | IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de sécurité SI85982 et SI85987 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.0.x antérieures à 6.2.0.7 sans le dernier correctif de sécurité | ||
| IBM | Sterling | Sterling Connect - Direct File Agent versions 1.4.0.x antérieures à 1.4.0.3_iFix004 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.1.2.x antérieures à 6.1.2.9 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.2_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 03",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 11",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.2 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF06",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de s\u00e9curit\u00e9 SI85982 et SI85987",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.7 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct File Agent versions 1.4.0.x ant\u00e9rieures \u00e0 1.4.0.3_iFix004",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.9 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2023-47699",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47699"
},
{
"name": "CVE-2023-46179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46179"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-46182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46182"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-47147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47147"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2022-41678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41678"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2023-34034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34034"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39685"
},
{
"name": "CVE-2023-47162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47162"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-45177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45177"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2023-46181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46181"
}
],
"initial_release_date": "2024-03-15T00:00:00",
"last_revision_date": "2024-03-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0228",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142007 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142007"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142038 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142038"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138527 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138509 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138509"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7140420 du 13 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7140420"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138477 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138477"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142032 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142032"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138522 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138522"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137248 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137248"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137258 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137258"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138503 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138503"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142006 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142006"
}
]
}
wid-sec-w-2023-1930
Vulnerability from csaf_certbund
Published
2023-07-31 22:00
Modified
2025-01-02 23:00
Summary
IBM Java: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Java Runtime ist die Java Runtime Environment (kurz JRE) Portierung von IBM.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM Java ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Java Runtime ist die Java Runtime Environment (kurz JRE) Portierung von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM Java ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1930 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1930.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1930 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1930"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2023-07-31",
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7022475 vom 2023-08-07",
"url": "https://www.ibm.com/support/pages/node/7022475"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7022836 vom 2023-08-07",
"url": "https://www.ibm.com/support/pages/node/7022836"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7023275 vom 2023-08-08",
"url": "https://www.ibm.com/support/pages/node/7023275"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7024675 vom 2023-08-09",
"url": "https://www.ibm.com/support/pages/node/7024675"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7026489 vom 2023-08-14",
"url": "https://www.ibm.com/support/pages/node/7026489"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7027898 vom 2023-08-17",
"url": "https://www.ibm.com/support/pages/node/7027898"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7028404 vom 2023-08-23",
"url": "https://www.ibm.com/support/pages/node/7028404"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3406-1 vom 2023-08-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/016004.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3441-1 vom 2023-08-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/016025.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7029662 vom 2023-08-29",
"url": "https://www.ibm.com/support/pages/node/7029662"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7027874 vom 2023-08-31",
"url": "https://www.ibm.com/support/pages/node/7027874"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030225 vom 2023-08-31",
"url": "https://aix.software.ibm.com/aix/efixes/security/java_aug2023_advisory.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7030522"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030613 vom 2023-09-05",
"url": "https://www.ibm.com/support/pages/node/7030613"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030664 vom 2023-09-05",
"url": "https://www.ibm.com/support/pages/node/7030664"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7029361 vom 2023-09-08",
"url": "https://www.ibm.com/support/pages/node/7029361"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7047724 vom 2023-10-06",
"url": "https://www.ibm.com/support/pages/node/7047724"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7058366 vom 2023-10-24",
"url": "https://www.ibm.com/support/pages/node/7058366"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7059262 vom 2023-10-25",
"url": "https://www.ibm.com/support/pages/node/7059262"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7059914 vom 2023-10-25",
"url": "https://www.ibm.com/support/pages/node/7059914"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7076274 vom 2023-11-15",
"url": "https://www.ibm.com/support/pages/node/7076274"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2024-05-01",
"url": "https://support.hcltechsw.com/community?id=community_blog\u0026sys_id=1387c6571b39c29c574121f7ec4bcbd5"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150063 vom 2024-05-02",
"url": "https://www.ibm.com/support/pages/node/7150063"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150657 vom 2024-05-09",
"url": "https://www.ibm.com/support/pages/node/7150657"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179223 vom 2024-12-17",
"url": "https://www.ibm.com/support/pages/node/7179223"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180128 vom 2025-01-02",
"url": "https://www.ibm.com/support/pages/node/7180128"
}
],
"source_lang": "en-US",
"title": "IBM Java: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-01-02T23:00:00.000+00:00",
"generator": {
"date": "2025-01-03T09:20:44.801+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-1930",
"initial_release_date": "2023-07-31T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-07-31T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-08-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-08-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-08-22T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-27T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-29T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-30T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-31T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-04T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-24T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-25T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-11-15T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-02T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "23"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HCL Commerce",
"product": {
"name": "HCL Commerce",
"product_id": "T019294",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "T021486",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "T029652",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version",
"name": "21.0.2",
"product": {
"name": "IBM Business Automation Workflow 21.0.2",
"product_id": "1055431",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.2"
}
}
},
{
"category": "product_version",
"name": "21.0.3",
"product": {
"name": "IBM Business Automation Workflow 21.0.3",
"product_id": "1150328",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3"
}
}
},
{
"category": "product_version",
"name": "22.0.1",
"product": {
"name": "IBM Business Automation Workflow 22.0.1",
"product_id": "1268578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.0",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.0",
"product_id": "389078",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.0"
}
}
},
{
"category": "product_version",
"name": "18.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.1",
"product_id": "389079",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.2",
"product_id": "428468",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.1",
"product_id": "433292",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.1"
}
}
},
{
"category": "product_version",
"name": "19.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.2",
"product_id": "672243",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.3",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.3",
"product_id": "672244",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.3"
}
}
},
{
"category": "product_version",
"name": "20.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.1",
"product_id": "867559",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.1"
}
}
},
{
"category": "product_version",
"name": "20.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.2",
"product_id": "867560",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.2"
}
}
},
{
"category": "product_version",
"name": "22.0.2",
"product": {
"name": "IBM Business Automation Workflow 22.0.2",
"product_id": "T027961",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.2"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "5.5.8",
"product": {
"name": "IBM FileNet Content Manager 5.5.8",
"product_id": "T024608",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.8"
}
}
},
{
"category": "product_version",
"name": "5.5.9",
"product": {
"name": "IBM FileNet Content Manager 5.5.9",
"product_id": "T024609",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.9"
}
}
}
],
"category": "product_name",
"name": "FileNet Content Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "Dynamic Server",
"product": {
"name": "IBM Informix Dynamic Server",
"product_id": "T039902",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:informix:dynamic_server"
}
}
}
],
"category": "product_name",
"name": "Informix"
},
{
"branches": [
{
"category": "product_version",
"name": "10.1-10.1.0.1",
"product": {
"name": "IBM Integration Bus 10.1-10.1.0.1",
"product_id": "T028402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1"
}
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.1.5.19",
"product": {
"name": "IBM Java \u003c7.1.5.19",
"product_id": "T028988"
}
},
{
"category": "product_version",
"name": "7.1.5.19",
"product": {
"name": "IBM Java 7.1.5.19",
"product_id": "T028988-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:7.1.5.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0.8.5",
"product": {
"name": "IBM Java \u003c8.0.8.5",
"product_id": "T028989"
}
},
{
"category": "product_version",
"name": "8.0.8.5",
"product": {
"name": "IBM Java 8.0.8.5",
"product_id": "T028989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.8.5"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"branches": [
{
"category": "product_version",
"name": "7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.3",
"product_id": "1234217",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
}
}
},
{
"category": "product_version",
"name": "7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.2",
"product_id": "812526",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.1020.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console \u003c10.1.1020.0 ppc",
"product_id": "T029373"
}
},
{
"category": "product_version",
"name": "10.1.1020.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console 10.1.1020.0 ppc",
"product_id": "T029373-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:10.1.1020.0_ppc"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.1020.0 x86",
"product": {
"name": "IBM Power Hardware Management Console \u003c10.1.1020.0 x86",
"product_id": "T029374"
}
},
{
"category": "product_version",
"name": "10.1.1020.0 x86",
"product": {
"name": "IBM Power Hardware Management Console 10.1.1020.0 x86",
"product_id": "T029374-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:10.1.1020.0_x86"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.6",
"product_id": "T012259",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.7",
"product_id": "T013505",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7"
}
}
}
],
"category": "product_name",
"name": "Rational Application Developer for WebSphere Software"
},
{
"category": "product_name",
"name": "IBM Rational Business Developer",
"product": {
"name": "IBM Rational Business Developer",
"product_id": "T025611",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Software Architect 9.6",
"product_id": "T009891",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Software Architect 9.7",
"product_id": "T026605",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.7.x"
}
}
}
],
"category": "product_name",
"name": "Rational Software Architect"
},
{
"branches": [
{
"category": "product_version",
"name": "8.2.1",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.1",
"product_id": "T005246",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1"
}
}
},
{
"category": "product_version",
"name": "8.2.2",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.2",
"product_id": "T007073",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2"
}
}
}
],
"category": "product_name",
"name": "Security Access Manager for Enterprise Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "for Multiplatforms 9.1",
"product": {
"name": "IBM TXSeries for Multiplatforms 9.1",
"product_id": "T015903",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_9.1"
}
}
},
{
"category": "product_version",
"name": "for Multiplatforms 8.2",
"product": {
"name": "IBM TXSeries for Multiplatforms 8.2",
"product_id": "T015904",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.2"
}
}
},
{
"category": "product_version",
"name": "for Multiplatforms 8.1",
"product": {
"name": "IBM TXSeries for Multiplatforms 8.1",
"product_id": "T015905",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.1"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"branches": [
{
"category": "product_version",
"name": "6.2.0",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0",
"product_id": "T014092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "6.3.0",
"product": {
"name": "IBM Tivoli Monitoring 6.3.0",
"product_id": "307523",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0"
}
}
},
{
"category": "product_version_range",
"name": "for Virtual Environments Base \u003c7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base \u003c7.3.7",
"product_id": "T039990"
}
},
{
"category": "product_version",
"name": "for Virtual Environments Base 7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base 7.3.7",
"product_id": "T039990-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:7.3.7::for_virtual_environments_base"
}
}
}
],
"category": "product_name",
"name": "Tivoli Monitoring"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "T026819",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0_fp30"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.0.31",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.31",
"product_id": "T030747"
}
},
{
"category": "product_version",
"name": "8.1.0.31",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0.31",
"product_id": "T030747-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.31"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.32",
"product_id": "T034518"
}
},
{
"category": "product_version",
"name": "8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0.32",
"product_id": "T034518-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.32"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Application Server 8.5",
"product_id": "703851",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM WebSphere Application Server 9.0",
"product_id": "703852",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:9.0"
}
}
}
],
"category": "product_name",
"name": "WebSphere Application Server"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Service Registry and Repository 8.5",
"product_id": "306235",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:8.5"
}
}
}
],
"category": "product_name",
"name": "WebSphere Service Registry and Repository"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in IBM Java. Im Object Request Broker (ORB) besteht ein Problem aufgrund einer unsicheren Deserialisierung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um durch das Senden speziell gestalteter Daten beliebigen Code auf dem System auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T005246",
"T013505",
"T029374",
"T029373",
"T012259",
"T019294",
"703851",
"703852",
"T026819",
"433292",
"812526",
"T025611",
"T028402",
"1234217",
"T029652",
"867559",
"T039902",
"1268578",
"389079",
"1039165",
"428468",
"389078",
"T024609",
"T024608",
"1150328",
"T002207",
"867560",
"444803",
"5104",
"307523",
"T027961",
"306235",
"T015905",
"T015904",
"T015903",
"672243",
"672244",
"1055431",
"T039990",
"T014092",
"T026605",
"T028989",
"T005180",
"T028988",
"T034518",
"T009891",
"T030747",
"T007073",
"T021486"
]
},
"release_date": "2023-07-31T22:00:00.000+00:00",
"title": "CVE-2022-40609"
}
]
}
WID-SEC-W-2023-1930
Vulnerability from csaf_certbund
Published
2023-07-31 22:00
Modified
2025-01-02 23:00
Summary
IBM Java: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Java Runtime ist die Java Runtime Environment (kurz JRE) Portierung von IBM.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM Java ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Java Runtime ist die Java Runtime Environment (kurz JRE) Portierung von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM Java ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1930 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1930.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1930 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1930"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2023-07-31",
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7022475 vom 2023-08-07",
"url": "https://www.ibm.com/support/pages/node/7022475"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7022836 vom 2023-08-07",
"url": "https://www.ibm.com/support/pages/node/7022836"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7023275 vom 2023-08-08",
"url": "https://www.ibm.com/support/pages/node/7023275"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7024675 vom 2023-08-09",
"url": "https://www.ibm.com/support/pages/node/7024675"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7026489 vom 2023-08-14",
"url": "https://www.ibm.com/support/pages/node/7026489"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7027898 vom 2023-08-17",
"url": "https://www.ibm.com/support/pages/node/7027898"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7028404 vom 2023-08-23",
"url": "https://www.ibm.com/support/pages/node/7028404"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3406-1 vom 2023-08-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/016004.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3441-1 vom 2023-08-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/016025.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7029662 vom 2023-08-29",
"url": "https://www.ibm.com/support/pages/node/7029662"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7027874 vom 2023-08-31",
"url": "https://www.ibm.com/support/pages/node/7027874"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030225 vom 2023-08-31",
"url": "https://aix.software.ibm.com/aix/efixes/security/java_aug2023_advisory.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7030522"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030613 vom 2023-09-05",
"url": "https://www.ibm.com/support/pages/node/7030613"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7030664 vom 2023-09-05",
"url": "https://www.ibm.com/support/pages/node/7030664"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7029361 vom 2023-09-08",
"url": "https://www.ibm.com/support/pages/node/7029361"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7047724 vom 2023-10-06",
"url": "https://www.ibm.com/support/pages/node/7047724"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7058366 vom 2023-10-24",
"url": "https://www.ibm.com/support/pages/node/7058366"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7059262 vom 2023-10-25",
"url": "https://www.ibm.com/support/pages/node/7059262"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7059914 vom 2023-10-25",
"url": "https://www.ibm.com/support/pages/node/7059914"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7076274 vom 2023-11-15",
"url": "https://www.ibm.com/support/pages/node/7076274"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2024-05-01",
"url": "https://support.hcltechsw.com/community?id=community_blog\u0026sys_id=1387c6571b39c29c574121f7ec4bcbd5"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150063 vom 2024-05-02",
"url": "https://www.ibm.com/support/pages/node/7150063"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150657 vom 2024-05-09",
"url": "https://www.ibm.com/support/pages/node/7150657"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179223 vom 2024-12-17",
"url": "https://www.ibm.com/support/pages/node/7179223"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180128 vom 2025-01-02",
"url": "https://www.ibm.com/support/pages/node/7180128"
}
],
"source_lang": "en-US",
"title": "IBM Java: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-01-02T23:00:00.000+00:00",
"generator": {
"date": "2025-01-03T09:20:44.801+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-1930",
"initial_release_date": "2023-07-31T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-07-31T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-08-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-08-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-08-22T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-27T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-29T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-30T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-08-31T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-04T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-24T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-25T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-11-15T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-02T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "23"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HCL Commerce",
"product": {
"name": "HCL Commerce",
"product_id": "T019294",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "T021486",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "T029652",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version",
"name": "21.0.2",
"product": {
"name": "IBM Business Automation Workflow 21.0.2",
"product_id": "1055431",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.2"
}
}
},
{
"category": "product_version",
"name": "21.0.3",
"product": {
"name": "IBM Business Automation Workflow 21.0.3",
"product_id": "1150328",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3"
}
}
},
{
"category": "product_version",
"name": "22.0.1",
"product": {
"name": "IBM Business Automation Workflow 22.0.1",
"product_id": "1268578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.0",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.0",
"product_id": "389078",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.0"
}
}
},
{
"category": "product_version",
"name": "18.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.1",
"product_id": "389079",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.2",
"product_id": "428468",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.1",
"product_id": "433292",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.1"
}
}
},
{
"category": "product_version",
"name": "19.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.2",
"product_id": "672243",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.3",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.3",
"product_id": "672244",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.3"
}
}
},
{
"category": "product_version",
"name": "20.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.1",
"product_id": "867559",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.1"
}
}
},
{
"category": "product_version",
"name": "20.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.2",
"product_id": "867560",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.2"
}
}
},
{
"category": "product_version",
"name": "22.0.2",
"product": {
"name": "IBM Business Automation Workflow 22.0.2",
"product_id": "T027961",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.2"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "5.5.8",
"product": {
"name": "IBM FileNet Content Manager 5.5.8",
"product_id": "T024608",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.8"
}
}
},
{
"category": "product_version",
"name": "5.5.9",
"product": {
"name": "IBM FileNet Content Manager 5.5.9",
"product_id": "T024609",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:filenet_content_manager:5.5.9"
}
}
}
],
"category": "product_name",
"name": "FileNet Content Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "Dynamic Server",
"product": {
"name": "IBM Informix Dynamic Server",
"product_id": "T039902",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:informix:dynamic_server"
}
}
}
],
"category": "product_name",
"name": "Informix"
},
{
"branches": [
{
"category": "product_version",
"name": "10.1-10.1.0.1",
"product": {
"name": "IBM Integration Bus 10.1-10.1.0.1",
"product_id": "T028402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1"
}
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.1.5.19",
"product": {
"name": "IBM Java \u003c7.1.5.19",
"product_id": "T028988"
}
},
{
"category": "product_version",
"name": "7.1.5.19",
"product": {
"name": "IBM Java 7.1.5.19",
"product_id": "T028988-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:7.1.5.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0.8.5",
"product": {
"name": "IBM Java \u003c8.0.8.5",
"product_id": "T028989"
}
},
{
"category": "product_version",
"name": "8.0.8.5",
"product": {
"name": "IBM Java 8.0.8.5",
"product_id": "T028989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.8.5"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"branches": [
{
"category": "product_version",
"name": "7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.3",
"product_id": "1234217",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
}
}
},
{
"category": "product_version",
"name": "7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.2",
"product_id": "812526",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.1020.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console \u003c10.1.1020.0 ppc",
"product_id": "T029373"
}
},
{
"category": "product_version",
"name": "10.1.1020.0 ppc",
"product": {
"name": "IBM Power Hardware Management Console 10.1.1020.0 ppc",
"product_id": "T029373-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:10.1.1020.0_ppc"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.1020.0 x86",
"product": {
"name": "IBM Power Hardware Management Console \u003c10.1.1020.0 x86",
"product_id": "T029374"
}
},
{
"category": "product_version",
"name": "10.1.1020.0 x86",
"product": {
"name": "IBM Power Hardware Management Console 10.1.1020.0 x86",
"product_id": "T029374-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:10.1.1020.0_x86"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.6",
"product_id": "T012259",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.7",
"product_id": "T013505",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7"
}
}
}
],
"category": "product_name",
"name": "Rational Application Developer for WebSphere Software"
},
{
"category": "product_name",
"name": "IBM Rational Business Developer",
"product": {
"name": "IBM Rational Business Developer",
"product_id": "T025611",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Software Architect 9.6",
"product_id": "T009891",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Software Architect 9.7",
"product_id": "T026605",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.7.x"
}
}
}
],
"category": "product_name",
"name": "Rational Software Architect"
},
{
"branches": [
{
"category": "product_version",
"name": "8.2.1",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.1",
"product_id": "T005246",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1"
}
}
},
{
"category": "product_version",
"name": "8.2.2",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.2",
"product_id": "T007073",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2"
}
}
}
],
"category": "product_name",
"name": "Security Access Manager for Enterprise Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "for Multiplatforms 9.1",
"product": {
"name": "IBM TXSeries for Multiplatforms 9.1",
"product_id": "T015903",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_9.1"
}
}
},
{
"category": "product_version",
"name": "for Multiplatforms 8.2",
"product": {
"name": "IBM TXSeries for Multiplatforms 8.2",
"product_id": "T015904",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.2"
}
}
},
{
"category": "product_version",
"name": "for Multiplatforms 8.1",
"product": {
"name": "IBM TXSeries for Multiplatforms 8.1",
"product_id": "T015905",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.1"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"branches": [
{
"category": "product_version",
"name": "6.2.0",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0",
"product_id": "T014092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "6.3.0",
"product": {
"name": "IBM Tivoli Monitoring 6.3.0",
"product_id": "307523",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0"
}
}
},
{
"category": "product_version_range",
"name": "for Virtual Environments Base \u003c7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base \u003c7.3.7",
"product_id": "T039990"
}
},
{
"category": "product_version",
"name": "for Virtual Environments Base 7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base 7.3.7",
"product_id": "T039990-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:7.3.7::for_virtual_environments_base"
}
}
}
],
"category": "product_name",
"name": "Tivoli Monitoring"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "T026819",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0_fp30"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.0.31",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.31",
"product_id": "T030747"
}
},
{
"category": "product_version",
"name": "8.1.0.31",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0.31",
"product_id": "T030747-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.31"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.32",
"product_id": "T034518"
}
},
{
"category": "product_version",
"name": "8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0.32",
"product_id": "T034518-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.32"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Application Server 8.5",
"product_id": "703851",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM WebSphere Application Server 9.0",
"product_id": "703852",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:9.0"
}
}
}
],
"category": "product_name",
"name": "WebSphere Application Server"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Service Registry and Repository 8.5",
"product_id": "306235",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:8.5"
}
}
}
],
"category": "product_name",
"name": "WebSphere Service Registry and Repository"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in IBM Java. Im Object Request Broker (ORB) besteht ein Problem aufgrund einer unsicheren Deserialisierung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um durch das Senden speziell gestalteter Daten beliebigen Code auf dem System auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T005246",
"T013505",
"T029374",
"T029373",
"T012259",
"T019294",
"703851",
"703852",
"T026819",
"433292",
"812526",
"T025611",
"T028402",
"1234217",
"T029652",
"867559",
"T039902",
"1268578",
"389079",
"1039165",
"428468",
"389078",
"T024609",
"T024608",
"1150328",
"T002207",
"867560",
"444803",
"5104",
"307523",
"T027961",
"306235",
"T015905",
"T015904",
"T015903",
"672243",
"672244",
"1055431",
"T039990",
"T014092",
"T026605",
"T028989",
"T005180",
"T028988",
"T034518",
"T009891",
"T030747",
"T007073",
"T021486"
]
},
"release_date": "2023-07-31T22:00:00.000+00:00",
"title": "CVE-2022-40609"
}
]
}
wid-sec-w-2023-2625
Vulnerability from csaf_certbund
Published
2023-10-10 22:00
Modified
2024-08-15 22:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2625 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2625.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2625 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2625"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7049133 vom 2023-10-10",
"url": "https://www.ibm.com/support/pages/node/7049133"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7165686 vom 2024-08-16",
"url": "https://www.ibm.com/support/pages/node/7165686"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-16T10:07:42.179+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2625",
"initial_release_date": "2023-10-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP7",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP7",
"product_id": "T030425"
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-1000027",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2016-1000027"
},
{
"cve": "CVE-2020-13956",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2022-21426",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-40609",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-40609"
},
{
"cve": "CVE-2022-48339",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-48339"
},
{
"cve": "CVE-2023-20867",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-20867"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-21954",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-25652",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-25652"
},
{
"cve": "CVE-2023-2597",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2597"
},
{
"cve": "CVE-2023-26048",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-26048"
},
{
"cve": "CVE-2023-26049",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-26049"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28709",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-28709"
},
{
"cve": "CVE-2023-29007",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-29007"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-30441",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-30441"
},
{
"cve": "CVE-2023-30994",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-30994"
},
{
"cve": "CVE-2023-32067",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32697",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-32697"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-34149",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34149"
},
{
"cve": "CVE-2023-34396",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34396"
},
{
"cve": "CVE-2023-34453",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34453"
},
{
"cve": "CVE-2023-34454",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34454"
},
{
"cve": "CVE-2023-34455",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34455"
},
{
"cve": "CVE-2023-34981",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34981"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-38408",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-40367",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-40367"
}
]
}
WID-SEC-W-2023-2625
Vulnerability from csaf_certbund
Published
2023-10-10 22:00
Modified
2024-08-15 22:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2625 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2625.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2625 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2625"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7049133 vom 2023-10-10",
"url": "https://www.ibm.com/support/pages/node/7049133"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7165686 vom 2024-08-16",
"url": "https://www.ibm.com/support/pages/node/7165686"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-16T10:07:42.179+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2625",
"initial_release_date": "2023-10-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP7",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP7",
"product_id": "T030425"
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-1000027",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2016-1000027"
},
{
"cve": "CVE-2020-13956",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2022-21426",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-40609",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-40609"
},
{
"cve": "CVE-2022-48339",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2022-48339"
},
{
"cve": "CVE-2023-20867",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-20867"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-21954",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-25652",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-25652"
},
{
"cve": "CVE-2023-2597",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2597"
},
{
"cve": "CVE-2023-26048",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-26048"
},
{
"cve": "CVE-2023-26049",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-26049"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28709",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-28709"
},
{
"cve": "CVE-2023-29007",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-29007"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-30441",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-30441"
},
{
"cve": "CVE-2023-30994",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-30994"
},
{
"cve": "CVE-2023-32067",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32697",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-32697"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-34149",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34149"
},
{
"cve": "CVE-2023-34396",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34396"
},
{
"cve": "CVE-2023-34453",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34453"
},
{
"cve": "CVE-2023-34454",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34454"
},
{
"cve": "CVE-2023-34455",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34455"
},
{
"cve": "CVE-2023-34981",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-34981"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-38408",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-40367",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund von Puffer\u00fcberl\u00e4ufen, Integer-\u00dcberl\u00e4ufen, unsicherer Behandlung, Use-after-free-Fehlern und einem unsicheren Deserialisierungsfehler. Zu den betroffenen Komponenten geh\u00f6ren Apache Tomcat, Apache Portable Runtime, Apache HttpClient, Java SE, l2cap_reassemble_sdu, c-ares, The Bouncy Castle Crypto Package, Pivota Spring Framework, snappy-java, IBM SDK, GNU Emacs, Fasterxml jackson-databind, VMWare Tools, Eclipse Jetty, OpenSSH, ISC BIND, Apache Struts, Git, SQLite JDBC, Eclipse Openj9 und Google Guava. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2023-10-10T22:00:00.000+00:00",
"title": "CVE-2023-40367"
}
]
}
suse-su-2023:3441-1
Vulnerability from csaf_suse
Published
2023-08-28 07:55
Modified
2023-08-28 07:55
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
- Update to Java 8.0 Service Refresh 8 Fix Pack 10 (bsc#1213541)
- CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. (bsc#1213934)
- CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. (bsc#1213475)
- CVE-2023-22049: Fixed a flaw which could result in unauthorized update. (bsc#1213482)
- CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213481)
- CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213479)
- CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. (bsc#1213474)
- CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. (bsc#1207922)
- CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data. (bsc#1213473)
Patchnames
SUSE-2023-3441,SUSE-SLE-Module-Legacy-15-SP4-2023-3441,SUSE-SLE-Module-Legacy-15-SP5-2023-3441,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3441,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3441,SUSE-Storage-7-2023-3441,SUSE-Storage-7.1-2023-3441,openSUSE-SLE-15.4-2023-3441,openSUSE-SLE-15.5-2023-3441
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm fixes the following issues:\n\n- Update to Java 8.0 Service Refresh 8 Fix Pack 10 (bsc#1213541)\n- CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. (bsc#1213934)\n- CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. (bsc#1213475)\n- CVE-2023-22049: Fixed a flaw which could result in unauthorized update. (bsc#1213482)\n- CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213481)\n- CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213479)\n- CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. (bsc#1213474)\n- CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. (bsc#1207922)\n- CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data. (bsc#1213473)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3441,SUSE-SLE-Module-Legacy-15-SP4-2023-3441,SUSE-SLE-Module-Legacy-15-SP5-2023-3441,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3441,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3441,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3441,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3441,SUSE-Storage-7-2023-3441,SUSE-Storage-7.1-2023-3441,openSUSE-SLE-15.4-2023-3441,openSUSE-SLE-15.5-2023-3441",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3441-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3441-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233441-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3441-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/016025.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207922",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "self",
"summary": "SUSE Bug 1213473",
"url": "https://bugzilla.suse.com/1213473"
},
{
"category": "self",
"summary": "SUSE Bug 1213474",
"url": "https://bugzilla.suse.com/1213474"
},
{
"category": "self",
"summary": "SUSE Bug 1213475",
"url": "https://bugzilla.suse.com/1213475"
},
{
"category": "self",
"summary": "SUSE Bug 1213479",
"url": "https://bugzilla.suse.com/1213479"
},
{
"category": "self",
"summary": "SUSE Bug 1213481",
"url": "https://bugzilla.suse.com/1213481"
},
{
"category": "self",
"summary": "SUSE Bug 1213482",
"url": "https://bugzilla.suse.com/1213482"
},
{
"category": "self",
"summary": "SUSE Bug 1213541",
"url": "https://bugzilla.suse.com/1213541"
},
{
"category": "self",
"summary": "SUSE Bug 1213934",
"url": "https://bugzilla.suse.com/1213934"
},
{
"category": "self",
"summary": "SUSE Bug 1214431",
"url": "https://bugzilla.suse.com/1214431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-40609 page",
"url": "https://www.suse.com/security/cve/CVE-2022-40609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22006 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22041 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22049 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25193 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25193/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2023-08-28T07:55:06Z",
"generator": {
"date": "2023-08-28T07:55:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3441-1",
"initial_release_date": "2023-08-28T07:55:06Z",
"revision_history": [
{
"date": "2023-08-28T07:55:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-40609"
}
],
"notes": [
{
"category": "general",
"text": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-40609",
"url": "https://www.suse.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "SUSE Bug 1213934 for CVE-2022-40609",
"url": "https://bugzilla.suse.com/1213934"
},
{
"category": "external",
"summary": "SUSE Bug 1214431 for CVE-2022-40609",
"url": "https://bugzilla.suse.com/1214431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "important"
}
],
"title": "CVE-2022-40609"
},
{
"cve": "CVE-2023-22006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22006"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22006",
"url": "https://www.suse.com/security/cve/CVE-2023-22006"
},
{
"category": "external",
"summary": "SUSE Bug 1213473 for CVE-2023-22006",
"url": "https://bugzilla.suse.com/1213473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "low"
}
],
"title": "CVE-2023-22006"
},
{
"cve": "CVE-2023-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22036"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22036",
"url": "https://www.suse.com/security/cve/CVE-2023-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1213474 for CVE-2023-22036",
"url": "https://bugzilla.suse.com/1213474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "low"
}
],
"title": "CVE-2023-22036"
},
{
"cve": "CVE-2023-22041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22041"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22041",
"url": "https://www.suse.com/security/cve/CVE-2023-22041"
},
{
"category": "external",
"summary": "SUSE Bug 1213475 for CVE-2023-22041",
"url": "https://bugzilla.suse.com/1213475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-22041"
},
{
"cve": "CVE-2023-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22044"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22044",
"url": "https://www.suse.com/security/cve/CVE-2023-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1213479 for CVE-2023-22044",
"url": "https://bugzilla.suse.com/1213479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "low"
}
],
"title": "CVE-2023-22044"
},
{
"cve": "CVE-2023-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22045"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22045",
"url": "https://www.suse.com/security/cve/CVE-2023-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1213481 for CVE-2023-22045",
"url": "https://bugzilla.suse.com/1213481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "low"
}
],
"title": "CVE-2023-22045"
},
{
"cve": "CVE-2023-22049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22049"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22049",
"url": "https://www.suse.com/security/cve/CVE-2023-22049"
},
{
"category": "external",
"summary": "SUSE Bug 1213482 for CVE-2023-22049",
"url": "https://bugzilla.suse.com/1213482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "low"
}
],
"title": "CVE-2023-22049"
},
{
"cve": "CVE-2023-25193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25193"
}
],
"notes": [
{
"category": "general",
"text": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25193",
"url": "https://www.suse.com/security/cve/CVE-2023-25193"
},
{
"category": "external",
"summary": "SUSE Bug 1207922 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "external",
"summary": "SUSE Bug 1213939 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1213939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-150000.3.80.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.10-150000.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-28T07:55:06Z",
"details": "important"
}
],
"title": "CVE-2023-25193"
}
]
}
suse-su-2023:3406-1
Vulnerability from csaf_suse
Published
2023-08-23 17:20
Modified
2023-08-23 17:20
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
- Update to Java 8.0 Service Refresh 8 Fix Pack 10 (bsc#1213541)
- CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. (bsc#1213934)
- CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. (bsc#1213475)
- CVE-2023-22049: Fixed a flaw which could result in unauthorized update. (bsc#1213482)
- CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213481)
- CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213479)
- CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. (bsc#1213474)
- CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. (bsc#1207922)
- CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data. (bsc#1213473)
Patchnames
SUSE-2023-3406,SUSE-SLE-SDK-12-SP5-2023-3406,SUSE-SLE-SERVER-12-SP5-2023-3406
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm fixes the following issues:\n\n- Update to Java 8.0 Service Refresh 8 Fix Pack 10 (bsc#1213541)\n- CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. (bsc#1213934)\n- CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. (bsc#1213475)\n- CVE-2023-22049: Fixed a flaw which could result in unauthorized update. (bsc#1213482)\n- CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213481)\n- CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213479)\n- CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. (bsc#1213474)\n- CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. (bsc#1207922)\n- CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data. (bsc#1213473)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3406,SUSE-SLE-SDK-12-SP5-2023-3406,SUSE-SLE-SERVER-12-SP5-2023-3406",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3406-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3406-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233406-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3406-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-August/031141.html"
},
{
"category": "self",
"summary": "SUSE Bug 1214431",
"url": "https://bugzilla.suse.com/1214431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-40609 page",
"url": "https://www.suse.com/security/cve/CVE-2022-40609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22006 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22041 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22049 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25193 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25193/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2023-08-23T17:20:36Z",
"generator": {
"date": "2023-08-23T17:20:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3406-1",
"initial_release_date": "2023-08-23T17:20:36Z",
"revision_history": [
{
"date": "2023-08-23T17:20:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.10-30.114.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-40609"
}
],
"notes": [
{
"category": "general",
"text": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-40609",
"url": "https://www.suse.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "SUSE Bug 1213934 for CVE-2022-40609",
"url": "https://bugzilla.suse.com/1213934"
},
{
"category": "external",
"summary": "SUSE Bug 1214431 for CVE-2022-40609",
"url": "https://bugzilla.suse.com/1214431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "important"
}
],
"title": "CVE-2022-40609"
},
{
"cve": "CVE-2023-22006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22006"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22006",
"url": "https://www.suse.com/security/cve/CVE-2023-22006"
},
{
"category": "external",
"summary": "SUSE Bug 1213473 for CVE-2023-22006",
"url": "https://bugzilla.suse.com/1213473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "low"
}
],
"title": "CVE-2023-22006"
},
{
"cve": "CVE-2023-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22036"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22036",
"url": "https://www.suse.com/security/cve/CVE-2023-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1213474 for CVE-2023-22036",
"url": "https://bugzilla.suse.com/1213474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "low"
}
],
"title": "CVE-2023-22036"
},
{
"cve": "CVE-2023-22041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22041"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22041",
"url": "https://www.suse.com/security/cve/CVE-2023-22041"
},
{
"category": "external",
"summary": "SUSE Bug 1213475 for CVE-2023-22041",
"url": "https://bugzilla.suse.com/1213475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "moderate"
}
],
"title": "CVE-2023-22041"
},
{
"cve": "CVE-2023-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22044"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22044",
"url": "https://www.suse.com/security/cve/CVE-2023-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1213479 for CVE-2023-22044",
"url": "https://bugzilla.suse.com/1213479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "low"
}
],
"title": "CVE-2023-22044"
},
{
"cve": "CVE-2023-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22045"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22045",
"url": "https://www.suse.com/security/cve/CVE-2023-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1213481 for CVE-2023-22045",
"url": "https://bugzilla.suse.com/1213481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "low"
}
],
"title": "CVE-2023-22045"
},
{
"cve": "CVE-2023-22049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22049"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22049",
"url": "https://www.suse.com/security/cve/CVE-2023-22049"
},
{
"category": "external",
"summary": "SUSE Bug 1213482 for CVE-2023-22049",
"url": "https://bugzilla.suse.com/1213482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "low"
}
],
"title": "CVE-2023-22049"
},
{
"cve": "CVE-2023-25193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25193"
}
],
"notes": [
{
"category": "general",
"text": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25193",
"url": "https://www.suse.com/security/cve/CVE-2023-25193"
},
{
"category": "external",
"summary": "SUSE Bug 1207922 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "external",
"summary": "SUSE Bug 1213939 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1213939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.10-30.114.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.10-30.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-23T17:20:36Z",
"details": "important"
}
],
"title": "CVE-2023-25193"
}
]
}
rhsa-2023:4160
Vulnerability from csaf_redhat
Published
2023-07-31 09:33
Modified
2025-10-09 23:11
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4160",
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4160.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:11:20+00:00",
"generator": {
"date": "2025-10-09T23:11:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:4160",
"initial_release_date": "2023-07-31T09:33:41+00:00",
"revision_history": [
{
"date": "2023-07-31T09:33:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-31T09:33:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:11:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
RHSA-2023:4160
Vulnerability from csaf_redhat
Published
2023-07-31 09:33
Modified
2025-10-09 23:11
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4160",
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4160.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:11:20+00:00",
"generator": {
"date": "2025-10-09T23:11:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:4160",
"initial_release_date": "2023-07-31T09:33:41+00:00",
"revision_history": [
{
"date": "2023-07-31T09:33:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-31T09:33:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:11:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
rhsa-2023_4160
Vulnerability from csaf_redhat
Published
2023-07-31 09:33
Modified
2024-11-15 17:24
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4160",
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4160.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2024-11-15T17:24:14+00:00",
"generator": {
"date": "2024-11-15T17:24:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:4160",
"initial_release_date": "2023-07-31T09:33:41+00:00",
"revision_history": [
{
"date": "2023-07-31T09:33:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-31T09:33:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:24:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-31T09:33:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.5-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
rhsa-2023_4103
Vulnerability from csaf_redhat
Published
2023-07-17 08:51
Modified
2024-11-15 17:23
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4103",
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4103.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2024-11-15T17:23:29+00:00",
"generator": {
"date": "2024-11-15T17:23:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:4103",
"initial_release_date": "2023-07-17T08:51:02+00:00",
"revision_history": [
{
"date": "2023-07-17T08:51:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-17T08:51:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:23:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
RHSA-2023:4103
Vulnerability from csaf_redhat
Published
2023-07-17 08:51
Modified
2025-10-09 23:11
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4103",
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4103.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:11:16+00:00",
"generator": {
"date": "2025-10-09T23:11:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:4103",
"initial_release_date": "2023-07-17T08:51:02+00:00",
"revision_history": [
{
"date": "2023-07-17T08:51:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-17T08:51:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:11:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
rhsa-2023:4103
Vulnerability from csaf_redhat
Published
2023-07-17 08:51
Modified
2025-10-09 23:11
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP5.
Security Fix(es):
* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP5.\n\nSecurity Fix(es):\n\n* OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)\n\n* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)\n\n* OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)\n\n* OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)\n\n* OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)\n\n* OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4103",
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4103.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:11:16+00:00",
"generator": {
"date": "2025-10-09T23:11:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:4103",
"initial_release_date": "2023-07-17T08:51:02+00:00",
"revision_history": [
{
"date": "2023-07-17T08:51:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-17T08:51:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:11:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.5-1.el8_8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64",
"relates_to_product_reference": "Supplementary-8.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40609",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw. An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40609"
},
{
"category": "external",
"summary": "RHBZ#2228078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/node/7017032",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"release_date": "2023-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unsafe deserialization flaw in the Object Request Broker (ORB)"
},
{
"cve": "CVE-2023-21930",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187435"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: improper connection handling during TLS handshake (8294474)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "RHBZ#2187435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21930"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: improper connection handling during TLS handshake (8294474)"
},
{
"cve": "CVE-2023-21937",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187790"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing string checks for NULL characters (8296622)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "RHBZ#2187790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21937"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing string checks for NULL characters (8296622)"
},
{
"cve": "CVE-2023-21938",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187758"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "RHBZ#2187758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21938"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)"
},
{
"cve": "CVE-2023-21939",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187724"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Swing HTML parsing issue (8296832)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "RHBZ#2187724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21939"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Swing HTML parsing issue (8296832)"
},
{
"cve": "CVE-2023-21967",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187704"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "RHBZ#2187704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21967"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)"
},
{
"cve": "CVE-2023-21968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-04-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187802"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "RHBZ#2187802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21968"
}
],
"release_date": "2023-04-18T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-17T08:51:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-demo-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-devel-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-headless-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-jdbc-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-plugin-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.s390x",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-src-1:1.8.0.8.5-1.el8_8.x86_64",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.ppc64le",
"Supplementary-8.8.0.Z.MAIN.EUS:java-1.8.0-ibm-webstart-1:1.8.0.8.5-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)"
}
]
}
ghsa-2cf4-9q4p-f6wj
Vulnerability from github
Published
2023-08-02 15:30
Modified
2024-04-04 06:29
Severity ?
VLAI Severity ?
Details
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
{
"affected": [],
"aliases": [
"CVE-2022-40609"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-02T15:15:09Z",
"severity": "CRITICAL"
},
"details": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.",
"id": "GHSA-2cf4-9q4p-f6wj",
"modified": "2024-04-04T06:29:45Z",
"published": "2023-08-02T15:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40609"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2022-40609
Vulnerability from fkie_nvd
Published
2023-08-02 15:15
Modified
2024-11-21 07:21
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/236069 | VDB Entry, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7017032 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/236069 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/7017032 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*",
"matchCriteriaId": "3DB46437-1714-4E42-A63F-CA2415164CE9",
"versionEndExcluding": "7.1.5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*",
"matchCriteriaId": "59973F35-EB35-4E62-A91A-1D6D0E2693EB",
"versionEndExcluding": "8.0.8.5",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069."
},
{
"lang": "es",
"value": "IBM SDK Java Technology Edition 7.1.5.18 y 8.0.8.0 podr\u00eda permitir a un atacante remoto ejecutar c\u00f3digo arbitrario en el sistema, debido a un fallo de deserializaci\u00f3n inseguro. Mediante el env\u00edo de datos especialmente dise\u00f1ados, un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema. ID de IBM X-Force: 236069. "
}
],
"id": "CVE-2022-40609",
"lastModified": "2024-11-21T07:21:43.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T15:15:09.833",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7017032"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2022-40609
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-40609",
"id": "GSD-2022-40609"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-40609"
],
"details": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.",
"id": "GSD-2022-40609",
"modified": "2023-12-13T01:19:30.617390Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-40609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SDK, Java Technology Edition",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.1.5.18, 8.0.8.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-502",
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/7017032",
"refsource": "MISC",
"url": "https://www.ibm.com/support/pages/node/7017032"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.8.5",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.1.5.19",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-40609"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069",
"refsource": "MISC",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"
},
{
"name": "https://www.ibm.com/support/pages/node/7017032",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7017032"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-08-07T16:10Z",
"publishedDate": "2023-08-02T15:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…